[Federal Register Volume 74, Number 58 (Friday, March 27, 2009)]
[Rules and Regulations]
[Pages 13926-13993]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-6102]
[[Page 13925]]
-----------------------------------------------------------------------
Part III
Nuclear Regulatory Commission
-----------------------------------------------------------------------
10 CFR Parts 50, 52, 72 et al.
-----------------------------------------------------------------------
Power Reactor Security Requirements; Final Rule
��Federal Register / Vol. 74 , No. 58 / Friday, March 27, 2009 / Rules
and Regulations��
[[Page 13926]]
-----------------------------------------------------------------------
NUCLEAR REGULATORY COMMISSION
10 CFR Parts 50, 52, 72, and 73
[NRC-2008-0019]
RIN 3150-AG63
Power Reactor Security Requirements
AGENCY: Nuclear Regulatory Commission.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: The Nuclear Regulatory Commission (NRC) is amending its
security regulations and adding new security requirements pertaining to
nuclear power reactors. This rulemaking establishes and updates
generically applicable security requirements similar to those
previously imposed by Commission orders issued after the terrorist
attacks of September 11, 2001. Additionally, this rulemaking adds
several new requirements not derived directly from the security order
requirements but developed as a result of insights gained from
implementation of the security orders, review of site security plans,
implementation of the enhanced baseline inspection program, and NRC
evaluation of force-on-force exercises. This rulemaking also updates
the NRC's security regulatory framework for the licensing of new
nuclear power plants. Finally, it resolves three petitions for
rulemaking (PRM) that were considered during the development of the
final rule.
DATES: Effective Date: This final rule is effective on May 26, 2009.
Compliance Date: Compliance with this final rule is required by March
31, 2010, for licensees currently licensed to operate under 10 CFR Part
50.
ADDRESSES: You can access publicly available documents related to this
document using the following methods:
Federal e-Rulemaking Portal: Go to http://www.regulations.gov and
search for documents filed under Docket ID [NRC-2008-0019]. Address
questions about NRC Dockets to Carol Gallagher at 301-492-3668; e-mail
[email protected].
NRC's Public Document Room (PDR): The public may examine and have
copied for a fee publicly available documents at the NRC's PDR, Public
File Area O1 F21, One White Flint North, 11555 Rockville Pike,
Rockville, Maryland.
NRC's Agency Wide Documents Access and Management System (ADAMS):
Publicly available documents created or received at the NRC are
available electronically at the NRC's Electronic Reading Room at http://www.nrc.gov/reading-rm/adams.html. From this page, the public can gain
entry into ADAMS, which provides text and image files of the NRC's
public documents. If you do not have access to ADAMS or if there are
problems in accessing the documents located in ADAMS, contact the NRC's
PDR reference staff at 1-800-397-4209, 301-415-4737 or by e-mail to
[email protected].
FOR FURTHER INFORMATION CONTACT: Ms. Bonnie Schnetzler, Office of
Nuclear Security and Incident Response, U.S. Nuclear Regulatory
Commission, Washington, DC 20555-0001; telephone 301-415-7883; e-mail:
[email protected], or Mr. Timothy Reed, Office of Nuclear
Reactor Regulation, U.S. Nuclear Regulatory Commission, Washington, DC
20555-0001; telephone 301-415-1462; e-mail: [email protected].
SUPPLEMENTARY INFORMATION:
I. Background
II. Petitions for Rulemaking
III. Discussion of Substantive Changes and Responses to Significant
Comments
IV. Section-by-Section Analysis
V. Guidance
VI. Criminal Penalties
VII. Availability of Documents
VIII. Voluntary Consensus Standards
IX. Finding of No Significant Environmental Impact
X. Paperwork Reduction Act Statement
XI. Regulatory Analysis
XII. Regulatory Flexibility Certification
XIII. Backfit Analysis
XIV. Congressional Review Act
I. Background
A. Historical Background and Overview
Following the terrorist attacks on September 11, 2001, the
Commission issued a series of orders to ensure that nuclear power
plants and other licensed facilities continued to have effective
security measures in place given the changing threat environment.
Through these orders, the Commission supplemented the design basis
threat (DBT) as well as mandated specific training enhancements, access
authorization enhancements, and enhancements to defensive strategies,
mitigative measures, and integrated response. Additionally, through
generic communications, the Commission specified expectations for
enhanced notifications to the NRC for certain security events or
suspicious activities. The four following security orders were issued
to licensees:
EA-02-026, ``Interim Compensatory Measures (ICM) Order,''
issued February 25, 2002 (March 4, 2002; 67 FR 9792);
EA-02-261, ``Access Authorization Order,'' issued January
7, 2003 (January 13, 2003; 68 FR 1643);
EA-03-039, ``Security Personnel Training and Qualification
Requirements (Training) Order,'' issued April 29, 2003, (May 7, 2003;
68 FR 24514); and
EA-03-086, ``Revised Design Basis Threat Order,'' issued
April 29, 2003, (May 7, 2003; 68 FR 24517).
Nuclear power plant licensees revised their physical security
plans, access authorization programs, training and qualification plans,
and safeguards contingency plans in response to these orders. The
Commission completed its review and approval of the revised security
plans on October 29, 2004. These plans incorporated the enhancements
required by the orders. While the specifics of these enhancements are
protected as Safeguards Information consistent with 10 CFR 73.21, the
enhancements resulted in measures such as increased patrols; augmented
security forces and capabilities; additional security posts; additional
physical barriers; vehicle checks at greater standoff distances;
enhanced coordination with law enforcement authorities; augmented
security and emergency response training, equipment, and communication;
and more restrictive site access controls for personnel including
expanded, expedited, and more thorough employee background
investigations.
The Energy Policy Act of 2005 (EPAct 2005), signed into law on
August 8, 2005, contained several provisions relevant to security at
nuclear power plants. Section 653, for instance, added Section 161A. to
the Atomic Energy Act of 1954, as amended (AEA). This provision allows
the Commission to authorize certain licensees to use, as part of their
protective strategies, an expanded arsenal of weapons including machine
guns and semi-automatic assault weapons. Section 653 also requires
certain security personnel to undergo a background check that includes
fingerprinting and a check against the Federal Bureau of
Investigation's (FBI) National Instant Criminal Background Check System
(NICS) database. Section 161A, however, is not effective until
guidelines are completed by the Commission and approved by the Attorney
General. More information on the NRC's implementation of Section 161A
can be found below.
B. The Proposed Rule
As noted to recipients of the post-September 11, 2001, orders, it
was
[[Page 13927]]
always the Commission's intent to complete a thorough review of the
existing physical protection program requirements and undertake a
rulemaking that would codify generically-applicable security
requirements. This rulemaking would be informed by the requirements
previously issued by orders and includes an update of existing power
reactor security requirements, which had not been significantly revised
for nearly 30 years. To that end, on October 26, 2006, the Commission
issued the proposed Power Reactor Security rulemaking (71 FR 62663).
The proposed rule was originally published for a 75-day public comment
period. In response to several requests for extension, the comment
period was extended on two separate occasions (January 5, 2005; 72 FR
480; and February 28, 2007; 72 FR 8951), eventually closing on March
26, 2007. The Commission received 48 comment letters. In addition, the
Commission held two public meetings to solicit public comment in
Rockville, MD on November 15, 2006, and Las Vegas, NV on November 29,
2006. The Commission held a third public meeting in Rockville, MD, on
March 9, 2007, to facilitate stakeholder understanding of the proposed
requirements, and thereby result in more informed comments on the
proposed rule provisions.
In addition to proposing requirements that were similar to those
that had previously been imposed by the various orders, the proposed
rule also contained several new provisions that the Commission
determined would provide additional assurance of licensee capabilities
to protect against the DBT. These new provisions were identified by the
Commission during implementation of the security orders while reviewing
the revised site security plans that had been submitted by licensees
for Commission review and approval, while conducting the enhanced
baseline inspection program, and through evaluation of the results of
force-on-force exercises. As identified in the proposed rule, these new
provisions included such measures as cyber security requirements,
safety/security interface reviews, functional equivalency of the
central and secondary alarm stations, uninterruptable backup power for
detection and assessment equipment, and video image recording equipment
(See 71 FR 62666-62667; October 26, 2006).
The Commission also published a supplemental proposed rule on April
10, 2008, (73 FR 19443) seeking additional stakeholder comment on two
provisions of the rule for which the Commission had decided to provide
additional detail. The supplemental proposed rule also proposed to move
these requirements from appendix C to part 73 in the proposed rule to
Sec. 50.54 in the final rule. More detail on those provisions and the
comments received is provided in section III of this document.
Three petitions for rulemaking (PRM) (PRM-50-80, PRM-73-11, PRM-73-
13) were also considered as part of this rulemaking. Consideration of
these petitions is discussed in detail in section II of this document.
C. Significant New Requirements in the Final Rule
This final rulemaking amends the security requirements for power
reactors. The following existing sections and appendices in 10 CFR Part
73 have been revised as a result:
10 CFR 73.55, Requirements for physical protection of
licensed activities in nuclear power reactors against radiological
sabotage.
10 CFR 73.56, Personnel access authorization requirements
for nuclear power plants.
10 CFR Part 73, appendix B, section VI, Nuclear Power
Reactor Training and Qualification Plan for Personnel Performing
Security Program Duties.
10 CFR Part 73, appendix C, Licensee Safeguards
Contingency Plans.
The amendments also add two new sections to part 73 and a new
paragraph to 10 CFR Part 50:
10 CFR 73.54, Protection of digital computer and
communication systems and networks (i.e., cyber security requirements).
10 CFR 73.58, Safety/security interface requirements for
nuclear power reactors.
10 CFR 50.54(hh), Mitigative strategies and response
procedures for potential or actual aircraft attacks.
Specifically, this rulemaking contains a number of significant new
requirements listed as follows:
Safety/Security Interface Requirements. These requirements are
located in new Sec. 73.58. The safety/security interface requirements
explicitly require licensees to manage and assess the potential
conflicts between security activities and other plant activities that
could compromise either plant security or plant safety. The
requirements direct licensees to assess and manage these interactions
so that neither safety nor security is compromised. These requirements
address, in part, PRM-50-80, which requested the establishment of
regulations governing proposed changes to the facilities which could
adversely affect the protection against radiological sabotage.
Mixed-Oxide (MOX) Fuel Requirements. These requirements are
codified into new Sec. 73.55(l) for reactor licensees who propose to
use MOX fuel in concentrations of 20 percent or less. These
requirements provide enhancements to the normal radiological sabotage-
based physical security requirements by adding the requirement that the
MOX fuel be protected from theft or diversion. These requirements
reflect the Commission's view that the application of security
requirements for the protection of formula quantities of strategic
special nuclear material set forth in Part 73, which would otherwise
apply because of the MOX fuel's plutonium content, is, in part,
unnecessary to provide adequate protection for this material because of
the weight and size of the MOX fuel assemblies. The MOX fuel security
requirements are consistent with the approach implemented at Catawba
Nuclear Station through the MOX lead test assembly effort in 2004-2005.
Cyber Security Requirements. These requirements are codified as new
Sec. 73.54 and designed to provide high assurance that digital
computer and communication systems and networks are adequately
protected against cyber attacks up to and including the design basis
threat as established by Sec. 73.1(a)(1)(v). These requirements are
substantial improvements upon the requirements imposed by the February
25, 2002 order. In addition to requiring that all new applications for
an operating or combined license include a cyber security plan, the
rule will also require currently operating licensees to submit a cyber
security plan to the Commission for review and approval by way of
license amendment pursuant to Sec. 50.90 within 180 days of the
effective date of this final rule. In addition, applicants who have
submitted an application for an operating license or combined license
currently under review by the Commission must amend their applications
to include a cyber security plan. For both current and new licensees,
the cyber security plan will become part of the licensee's licensing
basis in the same manner as other security plans.
Mitigative Strategies and Response Procedures for Potential or
Actual Aircraft Attacks. These requirements appear in new Sec.
50.54(hh). Section 50.54(hh)(1) establishes the necessary regulatory
framework to facilitate consistent application of Commission
requirements for preparatory actions to be taken in the event of a
potential or
[[Page 13928]]
actual aircraft attack and mitigation strategies for loss of large
areas due to fire and explosions. Section 50.54(hh)(2) requires
licensees to develop guidance and strategies for addressing the loss of
large areas of the plant due to explosions or fires from a beyond-
design basis event through the use of readily available resources and
identification of potential practicable areas for the use of beyond-
readily-available resources. Requirements similar to these were
previously imposed under section B.5 of the February 25, 2002, ICM
order; specifically, the ``B.5.a'' and the ``B.5.b'' provisions.
Access Authorization Enhancements. Section 73.56 has been
substantially revised to incorporate lessons learned from the
Commission's implementation of the January 7, 2003 order requirements
and to improve the integration of the access authorization and security
program requirements. The final rule includes an increase in the rigor
for many elements of the pre-existing access authorization program
requirements. In addition, the access authorization requirements
include new requirements for individuals who have electronic means to
adversely impact facility safety, security, or emergency preparedness;
enhancements to the psychological assessments requirements; requires
information sharing between reactor licensees; expanded behavioral
observation requirements; requirements for reinvestigations of criminal
and credit history records for all individuals with unescorted access;
and 5-year psychological reassessments for certain critical job
functions.
Training and Qualification Enhancements. These requirements are set
forth in appendix B to part 73 and include modifications to training
and qualification program requirements based on insights gained from
implementation of the security orders, Commission reviews of site
security plans, implementation of the enhanced baseline inspection
program, and insights gained from evaluations of force-on-force
exercises. These new requirements include additional requirements for
unarmed security personnel to assure these personnel meet minimum
physical requirements commensurate with their duties. The new
requirements also include a minimum age requirement of 18 years for
unarmed security officers, enhanced minimal qualification scores for
testing required by the training and qualification plan, enhanced
qualification requirements for security trainers, armorer certification
requirements, program requirements for on-the-job training, and
qualification requirements for drill and exercise controllers.
Physical Security Enhancements. The rule imposes new physical
security enhancements in the revised Sec. 73.55 that were identified
by the Commission during implementation of the security orders, reviews
of site security plans, implementation of the enhanced baseline
inspection program, and NRC evaluations of force-on-force exercises.
Significant new requirements in Sec. 73.55 include a requirement that
the central alarm station (CAS) and secondary alarm station (SAS) have
functionally equivalent capabilities so that no single act in
accordance with the design basis threat of radiological sabotage could
disable the key functions of both CAS and SAS. Additions also include
requirements for new reactor licensees to locate the SAS within a
site's protected area, ensure that the SAS is bullet resistant, and
limit visibility into the SAS from the perimeter of the protected area.
Revisions to Sec. 73.55 also include requiring uninterruptible backup
power supplies for detection and assessment equipment, video image
recording capability, and new requirements for protection of the
facility against waterborne vehicles.
D. Significant Changes in the Final Rule
A number of significant changes were made to the proposed rule as a
result of public comments, and they are now reflected in the final
rule. Those changes are outlined as follows:
Separation of Enhanced Weapons and Firearms Background Check
Requirements. As noted previously, Section 161A of the AEA permits the
Commission to authorize the use of certain enhanced weapons in the
protective strategies of certain designated licensees once guidelines
are developed by the Commission and approved by the Attorney General.
In anticipation of the completion of those guidelines and the Attorney
General's approval, the Commission had included in the proposed rule
several provisions that would implement its proposed requirements
concerning application for and approval of the use of enhanced weapons
and firearms background checks. However, because the guidelines had not
yet received the approval of the Attorney General as the final rule was
submitted to the Commission, the Commission decided to address that
portion of the proposed rule in a separate rulemaking. Once the final
guidelines are approved by the Attorney General and published in the
Federal Register, the Commission will take appropriate action to codify
the Section 161A. authorities.
Cyber Security Requirements. Another change to this final
rulemaking is the relocation of cyber security requirements. Cyber
security requirements had been located in the proposed rule in Sec.
73.55(m). These requirements are now placed in new Sec. 73.54 as a
separate section within part 73. These requirements were placed in a
stand-alone section to enable the cyber security requirements to be
made applicable to other types of facilities and applications through
future rulemakings.
Establishing these requirements as a stand-alone section also
necessitated creating accompanying licensing requirements. Because the
cyber security requirements were originally proposed as part of the
physical security program and thus the physical security plan, a
licensee's cyber security plan under the proposed rule would have been
part of the license through that licensing document. Once these
requirements were separated from proposed Sec. 73.55, the Commission
identified the need to establish separate licensing requirements for
the licensee's cyber security plan that would require the plan to be
part of a new application for a license issued under part 50 or part
52, as well as continue to be a condition of either type of license.
Conforming changes were therefore made to sections Sec. Sec. 50.34,
50.54, 52.79, and 52.80 to address this consideration. As noted
previously and in Sec. 73.54, for current reactor licensees, the rule
requires the submission of a new cyber security plan to the Commission
for review and approval within 180 days of the effective date of the
final rule. Current licensees are required to submit their cyber
security plans by way of a license amendment pursuant to 10 CFR Sec.
50.90. In addition, applicants for an operating license or combined
license who have submitted their applications to the Commission prior
to the effective date of the rule are required to amend their
applications to the extent necessary to address the requirements of
Sec. 73.54.
Performance Evaluation Program Requirements. The Performance
Evaluation Program requirements that were in proposed appendix C to
part 73, are moved in their entirety to appendix B to part 73 as these
requirements describe the development and implementation of a training
program for training the security force in the response to contingency
events.
Mitigative Strategies and Response Procedures for Potential or
Actual Aircraft Attacks. Another significant change to this rulemaking
is the
[[Page 13929]]
relocation of and the addition of clarifying rule language to the
beyond-design basis mitigative measures and potential aircraft threat
notification requirements that were previously located in proposed part
73, appendix C. Those requirements are now set forth in 10 CFR
50.54(hh). This change was made, in part, in response to stakeholder
comments that part 73, appendix C, was not the appropriate location for
these requirements because the requirements were not specific to the
licensee's security organization. The Commission agreed and relocated
the requirements accordingly and provided more details to the final
rule language to ensure that the intent of these requirements is clear.
As noted previously, the Commission issued a supplemental proposed rule
seeking additional stakeholder comment on these proposed changes to the
rule. More detail on this provision is provided in Section III of this
document.
Section 73.71 and Appendix G to Part 73. The proposed power reactor
security rulemaking contained proposed requirements for Sec. 73.71 and
appendix G to part 73. Based on public comments, the Commission
intended to make few changes to these regulations. However, these
provisions are not contained in this final rulemaking. Because the
enhanced weapons rulemaking (discussed previously) will include
potential changes to Sec. 73.71 and appendix G to part 73, the
Commission decided that revisions to these regulations were better
suited for that rulemaking.
Security Plan Submittal Requirements. The proposed rule would have
required current licensees to revise their physical security plan,
training and qualification plans, and safeguards contingency plan to
incorporate the new requirements and to submit these security plans for
Commission review and approval. The final rule no longer requires these
security plans (with the exception of the cyber security plan as
discussed previously) to be submitted for prior Commission review and
approval and instead allows licensees to make changes in accordance
with existing licensing provisions such as Sec. 50.54(p) or Sec.
50.90, as applicable. The Commission determined that this was an
acceptable approach because most of the requirements established by
this rule are substantially similar to the requirements that had been
imposed by the security orders and because all licensee security plans
were recently reviewed and approved by the Commission in 2004 following
issuance of those orders. Additionally, many of the additional
requirements in the final rule are already current practices that were
implemented following an industry-developed, generic, security plan
template that was reviewed and approved by the Commission. For the
requirements that go beyond current practices, the Commission does not
expect that changes required by this rule would result in a decrease of
effectiveness in a licensee's security plan. For implementation of
those new requirements, licensees should, therefore, consider whether
their plans could be revised in accordance with the procedures
described in Sec. 50.54(p). However, if a licensee believes that a
plan change may reduce the effectiveness of a security plan or if the
licensee desires Commission review and approval of the plan change,
then the proposed plan revision should be submitted to the NRC for
review and approval as a license amendment per Sec. 50.90.
With respect to applicants who have already submitted an
application to the Commission for an operating license or combined
license as of the effective date of this rule, those applicants are
required by this rule to amend their applications to the extent
necessary to address the requirements of the new rule.
Implementation of the Final Rule. The final rule is effective 30
days following date of publication. This permits applicability of the
rule's requirements to new reactor applicants at the earliest possible
date. Current licensees are required to be in compliance with the rule
requirements by March 31, 2010.
Definitions. The proposed rule contained a number of definitions,
primarily related to the proposed enhanced weapons requirements. As
noted previously, the enhanced weapons provisions and firearms
backgrounds checks have been separated into a separate rulemaking so
codifying those definitions is no longer appropriate in this
rulemaking. Regarding the other proposed rule definitions of safety/
security interface, security officer, and target sets, these terms are
addressed in guidance, and accordingly the final rule does not contain
these definitions.
EPAct 2005 Provisions. As noted above, the proposed rule contained
a number of proposed requirements that were designed to address
security-related provisions of the EPAct 2005. With respect to Section
653 of the EPAct 2005, enhanced weapons and firearms background check
requirements have been moved to a separate rulemaking. The only other
provisions of the EPAct 2005 that the Commission had considered during
this rulemaking were in Section 651, which concerns matters related to
the triennial Commission-evaluated, force-on-force exercises, the NRC's
mitigation of potential conflicts of interest in the conduct of such
exercises, and the submission of annual reports by the NRC to Congress.
Because the statute requires the NRC to be directly responsible for
implementation of those requirements, the Commission has determined
that there is no need for them to be specifically reflected in the
NRC's regulations. The NRC has fully complied with all of the
requirements of Section 651 in its conduct of force-on-force
evaluations since the EPAct 2005, and has submitted three annual
reports to Congress during that time. Further discussion of and the
Commission's response to a comment on this issue are provided below in
Section III.
E. Conforming and Corrective Changes
Conforming changes to the requirements listed below are made to
ensure that cross-referencing between the various security regulations
in part 73 is preserved, implement cyber security plan submittal
requirements, and preserve requirements for licensees who are not
within the scope of this final rule. The following requirements contain
conforming changes:
Section 50.34, ``Contents of construction permit and
operating license applications; technical information,'' is revised to
align the application requirements with appendix B to 10 CFR part 73,
the addition of Sec. 73.54 to part 73, and the addition of Sec.
50.54(hh) to part 50.
Section 50.54, ``Conditions of licenses,'' is revised to
conform with the revisions to sections in appendix C to 10 CFR Part 73.
In accordance with the introductory text to Sec. 50.54, revisions to
this section are also made applicable to combined licenses issued under
part 52.
Section 52.79, ``Contents of applications; technical
information in the final safety analysis report,'' is revised to align
the application requirements with the revisions to appendix C to 10 CFR
Part 73 and the addition of Sec. 73.54 to Part 73.
Section 52.80, ``Contents of applications; additional
technical information,'' is revised to add the application requirements
for Sec. 50.54(hh) to part 50.
Section 72.212, ``Conditions of general license issued
under Sec. 72.210,'' is revised to reference the appropriate revised
paragraph designations in Sec. 73.55.
Section 73.8, ``Information collection requirements: OMB
approval,'' is revised to add the new
[[Page 13930]]
requirements (Sec. Sec. 73.54 and 73.58) to the list of sections with
Office of Management and Budget (OMB) information collection
requirements. A corrective revision to Sec. 73.8 is made to reflect
OMB approval of existing information collection requirements for NRC
Form 366 under existing Sec. 73.71.
Section 73.70, ``Records,'' is revised to reference the
appropriate revised paragraph designations in Sec. 73.55 regarding the
need to retain a record of the registry of visitors.
Additionally, Sec. 73.81, ``Criminal penalties,'' which sets forth
the sections within part 73 that are not subject to criminal sanctions
under the AEA, remains unchanged because willful violations of the new
Sec. Sec. 73.54 and 73.58 may be subject to criminal sanctions.
Appendix B to part 73 and appendix C to part 73 require special
treatment in this final rule to preserve, with a minimum of conforming
changes, the current requirements for licensees and applicants who are
not within the scope of this final rule, such as Category I strategic
special nuclear material licensees and research and test reactor
licensees. Accordingly, Sections I through V of appendix B to part 73
remain unchanged to preserve the current training and qualification
requirements for all applicants, licensees, and certificate holders who
are not within the scope of this final rule, and the new language for
power reactor security training and qualification (revised in this
final rule) is added as Section VI. Part 73, appendix C, is divided
into two sections, with Section I maintaining all current requirements
for licensees and applicants not within the scope of this final rule,
and Section II containing all new requirements related to power reactor
contingency response.
II. Petitions for Rulemaking
Three petitions for rulemaking were considered during the
development of the final rule requirements consistent with previous
petition resolution and closure process for these petitions (i.e., PRM-
50-80, PRM-73-11, and PRM-73-13). All three petitions are closed, and
the discussion that follows provides the Commission's consideration of
the issues raised in each petition as part of the development of the
final power reactor security requirements.
A. PRM-50-80
PRM-50-80, submitted by the Union of Concerned Scientists (UCS) and
the San Luis Obispo Mothers for Peace (SLOMFP), was published for
public comment on June 16, 2003, (68 FR 35568). The petition requested
that the Commission take two actions. The first action was to amend 10
CFR 50.54(p), ``Conditions of licenses,'' and 10 CFR 50.59, ``Changes,
tests, and experiments,'' to require licensees to evaluate whether
proposed changes, tests, or experiments cause protection against
radiological sabotage to be decreased and, if so, to conduct such
actions only with prior Commission approval. The second action
requested that the Commission amend 10 CFR Part 50 to require licensees
to evaluate their facilities against specified aerial hazards and make
necessary changes to provide reasonable assurance that the ability of
the facility to reach and maintain safe shutdown would not be
compromised by an accidental or intentional aerial assault. The second
action (regarding aerial hazards) was previously considered and
resolved as part of the final design basis threat (DBT) (Sec. 73.1)
rulemaking (March 19, 2007; 72 FR 12705). On November 17, 2005, (70 FR
69690), the Commission decided to consider the petitioner's first
request for rulemaking (i.e., evaluation of proposed changes, tests, or
experiments to determine whether radiological sabotage protection is
decreased). Proposed language addressing the issues raised in the
petition was published as proposed Sec. 73.58, ``Safety/security
interface requirements for nuclear power reactors.'' This section
remains in the final rule. Refer to the section-by-section analysis in
this document, supporting Sec. 73.58 for further discussion of the
safety/security interface requirements.
B. PRM-73-11
PRM-73-11, submitted by Scott Portzline, Three Mile Island Alert,
was published for public comment on November 2, 2001 (66 FR 55603). The
comment period closed on January 16, 2002. Eleven comment letters were
received. Of the 11 comments filed, 7 were from governmental
organizations, 2 were from individuals, and 2 were from industry
organizations. The majority of the comments support the petitioner's
recommendation.
The petitioner requested that the NRC regulations governing
physical protection of plants and materials be amended to require NRC
licensees to post at least one armed guard at each entrance to the
``owner controlled areas'' (OCA) surrounding all U.S. nuclear power
plants. The petitioner stated that this should be accomplished by
requiring the addition of armed site protection officers (SPO) to the
total number of SPOs--not by simply shifting SPOs from their protected
area (PA) posts to the OCA entrances. The petitioner believes that the
proposed amendment would provide an additional layer of security that
would complement existing measures against radiological sabotage and
would be consistent with the long-standing principle of defense-in-
depth.
In a Federal Register Notice published December 27, 2006 (72 FR
481), the Commission informed the public that PRM-73-11 and the public
comments filed on the petition would be considered in this final rule.
Consideration of PRM-73-11 and the associated comments was undertaken
as part of the effort to finalize the requirements governing security
in the OCA.
The Commission has concluded that prescriptively requiring armed
security personnel in the OCA is not necessary. Instead, the final
physical security requirements in Sec. 73.55(k) allows licensees the
flexibility to determine the need for armed security personnel in the
OCA, as a function of site-specific considerations, such that the
licensee can defend against the DBT with high assurance. In reaching
this determination, the Commission recognized that the requirements
governing protective strategies must be more performance-based to
enable licensees to adjust their strategies to address the site-
specific circumstances and that a prescriptive requirement for armed
security personnel in the owner controlled area may not always be the
most effective approach for every licensee in defending against the
DBT. The Commission constructed the final physical security
requirements, recognizing the range of site-specific circumstances that
exist, to put in place the performance objectives that must be met, and
where possible, provided flexibility to licensees to construct
strategies that meet the objectives.
C. PRM-73-13
PRM-73-13, submitted by David Lochbaum, Union of Concerned
Scientists, was published for public comment on April 9, 2007 (72 FR
17440) and the comment period closed June 25, 2007.
The petitioner requested that the Commission amend part 73 to
require that licensees implement procedures to ensure that, when
information becomes known to a licensee about an individual seeking
access to the protected area that would prevent that individual from
gaining unescorted access to the protected area of a nuclear power
plant, the licensee will implement measures to ensure the individual
does not enter the protected area, whether escorted or not. Further,
the petitioner requested that the NRC's regulations be amended to
[[Page 13931]]
require that, when sufficient information is not available to a
licensee about an individual seeking access to the protected area to
determine whether the criteria for unescorted access are satisfied, the
licensee will implement measures to allow that individual to enter the
protected area only when escorted at all times by an armed member of
the security force who maintains communication with security
supervision.
The Commission determined that the issues raised in PRM-73-13 were
appropriate for consideration and were in fact issues already being
considered in the Power Reactor Security Requirements rulemaking.
Accordingly, the issues raised by PRM-73-13 and the public comments
received were considered as part of the effort to finalize the
requirements that govern escort and access within the protected area
(refer to requirements in Sec. 73.55(g) and Sec. 73.56(h) for the
specific final rule requirements).
The Nuclear Energy Institute (NEI) commented on PRM-73-13, with 11
other industry organizations agreeing (hereafter referred to
collectively as commenters). The commenters agreed that the
petitioner's first request (with regard to preventing an individual to
have access to the protected area when derogatory information becomes
known) should be issued as a notice of proposed rulemaking. Neither NEI
nor any of the other commenters commented on any of the specific
language proposed by the petitioner. With regard to the second
provision proposed by the petitioner (requiring armed escorts for
certain visitors), the commenters did not agree with the proposal. The
commenters argued that the use of trained individuals, though not
necessarily armed, in conjunction with search equipment and techniques
as well as the limitation placed on visitors (i.e., that visitors must
have a ``work-related need'' for entry into the PA) have resulted in no
incidents that warrant imposing this new requirement.
The Commission has decided not to adopt either proposal. Regarding
the petitioner's second proposal, the Commission agrees with the
commenters that the current protective measures for escorted personnel
are sufficient to protect against the scenario presented by the
petitioner. Licensee escorted access programs have been in place for
years without incident, and the petitioner has not provided a basis
that raises questions about their sufficiency.
With respect to the petitioner's first proposal, the Commission
does not agree that the NRC's unescorted access requirements described
in Sec. 73.56 and Sec. 73.57 need to contain prescriptive
disqualifiers for access. Licensees are required by Sec. 73.56(h) in
this final rule to consider all of the information obtained in the
background investigation for determining whether an individual is
trustworthy and reliable before granting unescorted access. With the
exception of individuals who have been denied access to another
facility, the regulation does not specify types of information obtained
during a background investigation that would automatically disqualify
an individual from access. The final rule Sec. 73.55(g)(7), however,
does have several restrictions on escorted access (visitors) including
verification of identity, verification of reason for business inside
the protected area, and collection of information (visitor control
register) pertaining to the visitor. In addition, there are several
conditions that individuals who escort the visitor must adhere to
including continuous monitoring of the visitor while inside the
protected area, having a means of timely communication with security,
and having received training on escort duties. Lastly, licensees may
not allow any individual who is currently denied access at any other
facility to be a visitor.
Furthermore, the petitioner's suggested language that a licensee
must act to deny escorted access when such information ``becomes known
to the licensee'' is unworkable from a regulatory perspective. It is
unclear what the NRC could impose on licensees as an enforceable
standard for such a scenario. In order to avoid potential enforcement
action, a licensee would be put in a position to conduct a full
background investigation on a visitor each time access is requested,
which would undermine the entire purpose behind having the ability to
escort visitors on site, or, in accordance with the petitioner's second
suggestion, assign an armed security officer to escort that individual.
The Commission does not have a basis to impose either measure, and the
petitioners have not provided a basis in support of it. Section
73.55(g), however, does not allow individuals currently denied access
at other facilities to be a visitor.
III. Discussion of Substantive Changes and Responses to Significant
Comments
A. Introduction
A detailed discussion of the public comments submitted on the
proposed power reactor security rule and supplemental proposed rule as
well as the Commission's responses are contained in a separate document
(see Section VII, ``Availability of Documents,'' of this document).
This section discusses the more significant comments submitted on the
proposed power reactor security provisions and the substantive changes
made to develop the final power reactor security requirements.
The changes made to the power reactor security requirements are
discussed by part, with changes to part 50 requirements being discussed
first, followed by the changes to part 73 requirements, and proceeding
in numerical order according to the section number. General topics are
discussed first, followed by discussion of changes to individual
sections as necessary. In addition to the substantive changes, rule
language was revised to make conforming administrative changes, correct
typographic errors, adopt consistent terminology, correct grammar, and
adopt plain English. These changes are not discussed further.
Note that some of the final rule requirements were relocated. An
example is the cyber security requirements that were issued as proposed
Sec. 73.55(m) and now reside in Sec. 73.54.
Comments on the three PRMs are not explicitly addressed in the
detailed comments response document, beyond those discussed earlier in
Section II of this document, as this document addresses only the
comments submitted on the proposed rule. However, the petitioner's
comments were considered as part of the Commission's decision-making
process and final determination of the rule requirements for each of
the areas of concern.
Comments on the supporting regulatory analysis of the proposed rule
are also contained in the detailed comment response document. Revisions
to the final rule regulatory analysis were made consistent with the
comment responses and these comments are not addressed further in this
section.
The Commission solicited public comment on a number of specific
issues but received input on only one of these specific issues.
Specifically, the Commission requested stakeholders to provide insights
and estimates on the feasibility, costs, and time necessary to
implement the proposed rule changes to existing alarm stations,
supporting systems, video systems, and cyber security. A commenter
stated that the feasibility of establishing a cyber security program
for industrial control systems has been demonstrated by various
electric utilities, chemical plants, refineries, and other facilities
with systems similar, if not identical, to those used in the balance-
of-plant in commercial nuclear plants. The
[[Page 13932]]
commenter stated that the time and cost necessary to implement a cyber
security program is dependent on the scope and discussed the
technologies and programmatic approaches that can be pursued to augment
current industry-proposed generic recommendations. The Commission
focused significant attention on the cyber requirements and supporting
guidance during development of the final cyber security requirements in
Sec. 73.54 as discussed below.
In general, there was a range of stakeholder views concerning this
rulemaking, some supporting the rulemaking, others opposing the
rulemaking. Some stakeholders viewed this rulemaking as an effort to
codify the insufficient status quo while others described the new
requirements as going well beyond the post-September 11, 2001, order
requirements. The Commission believes that commenters who suggested
that the Commission had no basis to go beyond the requirements that
were imposed by the security orders misunderstood the relationship of
those orders and the rulemaking. The security orders were issued based
on the specific knowledge and threat information available to the
Commission at the time the orders were issued. The Commission advised
licensees who received those orders that the requirements were interim
and that the Commission would eventually undertake a more comprehensive
re-evaluation of current safeguards and security programs. As noted in
the proposed rule, there were a number of objectives for the rulemaking
beyond simply making generically applicable security requirements
similar to those that were imposed by Commission orders. The Commission
intended to implement several new requirements that resulted from
insights it gained from implementation of the security orders, review
of site security plans, implementation of the enhanced baseline
inspection program, and evaluation of force-on-force exercises. These
insights were obviously not available to the Commission when it issued
the original security orders in 2002 and 2003.
In addition, another key objective of this rulemaking was to update
the regulatory framework in preparation for receiving license
applications for new reactors. The current security regulations in part
73 have not been substantially revised for nearly 30 years. Before
September 11, 2001, the NRC staff had already undertaken an effort to
revise these dated requirements, but that effort was delayed (See SECY-
01-0101, June 4, 2001). Thus, this rulemaking addresses a broader
context of security issues than the focus of the security orders of
2002 and 2003. One significant issue in particular was the need for
clearly articulated security requirements and a logical regulatory
framework for new reactor applicants. The revisions to part 73 were
also intended to provide it with needed longevity and predictability
for current and future licensees with a measured attempt to anticipate
future developments or needs in physical protection.
B. Section 50.54(hh), Mitigative Strategies and Response Procedures for
Potential or Actual Aircraft Attacks
As noted previously, a significant change to this final rule is the
relocation of and provision of more detailed requirements for the
beyond-design basis mitigative measures and potential aircraft attack
notification requirements from proposed part 73, appendix C, to 10 CFR
50.54(hh). The Commission received several stakeholder comments that
the proposed part 73, appendix C, was not the appropriate location for
these requirements. During consideration of these comments, the
Commission also decided to add additional detail to the aircraft attack
notification portion of the requirements now located in Sec.
50.54(hh)(1). In response, the Commission issued a supplemental
proposed rule seeking additional stakeholder comment on these proposed
revisions on April 10, 2008, (73 FR 19443) for a 30 day comment period.
The Commission received six sets of comments on the supplemental
proposed rule. The responses to those comments are discussed as
follows.
The Commission revised the final rule language for Sec.
50.54(hh)(1)(ii) in response to comments that the final rule should
only require periodic updates to applicable entities or that
communications should be maintained ``as necessary and as resources
allow.'' The Commission intended the continuous communication
requirement to apply to licensees only with respect to aircraft threat
notification sources and not to all offsite response or government
organizations. The Federal Aviation Administration (FAA) local,
regional, or national offices; North American Aerospace Defense Command
(NORAD); law enforcement organizations; and the NRC Headquarters
Operations Center are examples of threat notification sources with
which licensees would be required to maintain a continuous
communication capability. If a licensee encounters a situation in which
multiple threat notification sources (e.g., FAA, NORAD, and NRC
Headquarters Operations Center) are providing the same threat
information, the licensee would only be required to maintain continuous
communication with the NRC Headquarters Operations Center. Because
licensees need to be aware when they can cease or must accelerate
mitigative actions, it is important that licensees do not lose contact
with aircraft threat notification sources. Periodic updates to entities
other than threat notification sources are permitted by this final
rule.
In response to comments that Sec. Sec. 50.54(hh)(1)(iii),
50.54(hh)(1)(iv), and 50.54(hh)(1)(vi) requirements were redundant to
those found in the NRC's existing emergency preparedness rules, the
Commission revised the final rule language for each of those paragraphs
to clarify the Agency's intent and to eliminate the appearance of
redundant requirements vis-[agrave]-vis the emergency preparedness
rules, which are also currently being revised. The intent of Sec.
50.54(hh)(1)(iii) is to ensure that licensees contact offsite response
organizations as soon as possible after receiving aircraft threat
notifications. There is no expectation that licensees will complete and
disseminate notification forms as the previous rule text implied.
Section 50.54(hh)(1)(iv) pertains to operational actions that licensees
can take to mitigate the consequences of an aircraft impact; the
Commission did not intend this requirement to include emergency
preparedness-related protective actions. In Sec. 50.54(hh)(1)(vi), the
Commission intended to require licensees to disperse essential
personnel and equipment to pre-identified locations after receiving
aircraft threat notifications, but before actual aircraft impacts, when
possible. Also, the requirement for licensees to facilitate rapid entry
into their protected areas applies only to those onsite personnel and
offsite responders who are necessary to mitigate the event and not to
everyone who was initially evacuated from the protected areas.
The Commission revised the statements of consideration for Sec.
50.54(hh)(1)(vi) in response to a comment that meeting the rule might
require licensees to suspend security measures under 10 CFR 50.54(x).
The Commission elaborated on the specific intent of the protected area
evacuation timeline assessment and validation, which is to require
licensees to establish a decision-making tool for use by shift
operations personnel to assist them in determining the appropriate
onsite protective action for site personnel for various warning times
and site population conditions. The Commission
[[Page 13933]]
expects that licensees will incorporate this tool into applicable site
procedures to reduce the need to make improvised decisions that would
necessitate a suspension of safeguards measures during the pre-event
notification period. However, the Commission wishes to make clear that
the suspension of security measures to protect the health and safety of
security force personnel during emergencies is now governed by Sec.
73.55(p)(1)(i) as codified in this final rule. Previously, there was no
specific provision in the Commission's regulations that would have
permitted such a departure, because under Sec. 50.54(x), licensees are
only permitted to suspend security measures if the health and safety of
the public was at risk. Note that, in a Sec. 50.54(hh) scenario,
either Sec. Sec. 50.54(x) or 73.55(p) could be applicable depending on
the circumstances.
The Commission revised the final rule requirements in Sec.
50.54(hh) in response to a comment that the final rule should include
an applicability statement that removes the requirements of Sec.
50.54(hh) from reactor facilities currently in decommissioning and for
which the certifications required under Sec. 50.82(a)(1) have been
submitted. The commenter indicated that it is inappropriate that Sec.
50.54(hh) should apply to a permanently shutdown and defueled reactor
where the fuel was removed from the site or moved to an independent
spent fuel storage installation (ISFSI). The NRC agrees with this
comment and revised the final requirements in Sec. 50.54(hh) so they
do not apply to facilities for which certifications have been filed
under Sec. 50.82(a)(1) or Sec. 52.110(a)(1). The Commission notes
that Sec. 50.54(hh) does not apply to any current decommissioning
reactor facilities that have already satisfied the Sec. 50.82(a)
requirements.
The Commission requested stakeholder feedback on two questions in
the supplemental proposed rule. Regarding the first question in the
supplemental proposed rule notice where the Commission requested input
on whether there should be additional language added to the proposed
Sec. 50.54(hh) requirements that would limit the scope of the
regulation (i.e., language that would constrain the requirements to a
subset of beyond-design basis events such as beyond-design basis
security events), commenters indicated that the Commission should
constrain the requirements to a subset of beyond-design basis events;
namely beyond design basis security events. The feedback suggested
that, by limiting the rule requirements to strategies that address a
generic set of beyond-design basis security events, the strategies
could then be developed and proceduralized to focus on the restoration
capabilities needed to mitigate the effects from these events. After
careful consideration, the Commission decided to maintain the language
from the supplemental proposed rule that recognizes that the mitigative
strategies can address losses of large areas of a plant and the related
losses of plant equipment from a variety of causes including aircraft
impacts and beyond-design basis security events. The Commission also
requested comments on whether applicants should include, as part of a
combined license or operating license application, the Sec. 50.54(hh)
procedures, guidance, and strategies. Commenters indicated that this
information will not be needed until fuel load, when an aircraft threat
would be present. The most appropriate and efficient process for the
Commission is to review these procedures as part of the review of
operations procedures and beyond-design basis guidelines. The
Commission views the mitigative strategies as similar to those
operational programs for which a description of the program is provided
and reviewed by the Commission as part of the combined license
application and subsequently the more detailed procedures are
implemented by the applicant and inspected by the NRC before plant
operation. Because the Commission finds that the most effective
approach is for the mitigative strategies, at least at the programmatic
level, to be developed before construction and reviewed and approved
during licensing, a requirement for information has been added to Sec.
52.80, ``Contents of applications; additional technical information,''
and Sec. 50.34, ``Contents of construction permit and operating
license applications; technical information.''
C. Section 73.2, Definitions
The proposed rule contained a number of definitions, primarily
related to the proposed enhanced weapons requirements. As noted
earlier, the enhanced weapons provisions and firearms backgrounds
checks have been separated into a separate rulemaking, so codifying
those definitions is no longer appropriate here. Regarding the other
definitions of safety/security interface, security officer, and target
sets; the Commission has determined that those terms are better defined
through guidance.
D. Section 73.54, Protection of Digital Computer and Communication
Systems and Networks
General Comments. Proposed Sec. 73.55(m) is relocated in the final
rule to a stand-alone section (10 CFR 73.54). The Commission received
several comments that the inclusion of a cyber security program within
the proposed Sec. 73.55(m) is not appropriate because cyber security
is not implemented by physical security personnel. The Commission
agrees that the cyber security program would not necessarily be
implemented by security personnel and recognizes that a uniquely
independent technical expertise and knowledge is required to
effectively implement the cyber security program. Additionally, these
requirements were placed into a stand alone section to enable the cyber
security requirements to be made applicable to other types of
facilities and applications through future rulemakings. The rule now
requires that these requirements apply to nuclear power plant licensees
in the same manner as the access authorization program required by
Sec. 73.56; the cyber security plan is subject to the same licensing
requirements as the licensee's physical security, training and
qualification, and safeguards contingency plans. In relocating these
requirements, the Commission concluded that certain administrative
requirements, otherwise applied by inclusion in Sec. 73.55, must be
brought forward for consistency. As a result, conforming changes were
made to the pre-existing Sec. Sec. 50.34(c) and 50.34(e) to establish
the appropriate regulatory framework for Commission review and approval
of the cyber security plan required by Sec. 73.54(e). These conforming
changes require nuclear power reactor applicants to provide a cyber
security plan as part of the security plans currently required by
Sec. Sec. 50.34(c) or 52.79(a)(36), as applicable. Additionally,
conforming changes were made to Sec. 50.54(p), applicable to both
operating and combined licensees, to require a cyber security plan as a
condition of the license. Conforming changes were also made to
Sec. Sec. 50.34(e) and 52.79(a)(36) to require applicants to review
this plan against the criteria for Safeguards Information established
in Sec. 73.21. Consistent with Sec. 73.54(b)(3), the cyber security
program is a part of the physical protection program subject to the
same review and approval mechanisms as the physical security plan,
training and qualification plan, and safeguards contingency plan.
[[Page 13934]]
The Commission has also added three (3) administrative requirements
to the final rule (Sec. Sec. 73.54(f), 73.54(g), and 73.54(h)) to
require written policies and procedures, program review, and records
retention, respectively.
In addition to the previously mentioned conforming changes, the
Commission added an undesignated paragraph at the beginning of this
section to require current licensees subject to Sec. 73.54 to submit a
cyber security plan and implementation schedule for Commission review
and approval. The licensee's cyber security plan must be submitted by
way of a license amendment pursuant to 10 CFR 50.90.
Section 73.54(a), Protection. The Commission received a comment
suggesting that the term ``emergency preparedness,'' as it appears in
the proposed Sec. 73.55(m)(1), should be replaced with the term
``emergency response.'' In the final rule, the term ``emergency
preparedness'' is replaced with the more generic term ``emergency
preparedness functions.'' The equipment embodied within these
preparedness functions as described in 10 CFR Part 50, appendix E,
usually includes a wide variety of plant monitoring systems, protection
systems, and the onsite and offsite emergency communications systems
used during an emergency event.
The term ``emergency response'' suggested by the commenter is used
more specifically to refer only to the ``emergency response data
system'' or ERDS, which provides a data link that transmits key plant
parameters. Therefore, using the term ``emergency preparedness
functions'' is considered the most appropriate term as it holistically
addresses the equipment used during an emergency.
The Commission revised the proposed Sec. 73.55(m)(1) which is
renumbered in the final rule as Sec. 73.54(a). This paragraph has been
expanded to provide a more detailed list of the types of systems and
networks that are intended to be included consistent with the proposed
rule. The language in Sec. 73.54(a)(1)(ii) is revised to clarify that
``digital computer and communications systems and networks'' must be
considered for protection. It is important to note that the Commission
does not intend that CAS or SAS operators be responsible for cyber
security detection and response but rather that this function will be
performed by technically trained and qualified personnel.
Section 73.54(b), Analysis of Digital Computer and Communication
Systems and Networks. The requirement to document a site-specific
analysis that identifies site-specific conditions has been brought
forward from Sec. 73.55(b)(4). The rule is clarified to require that
each licensee analyze the digital computer and communication systems
and networks in use at their facility to identify those assets that
require protection against the design basis threat.
The proposed Sec. 73.55(m)(1) requirement to establish, implement,
and maintain a cyber security program is renumbered in the final rule
as Sec. 73.54(b)(2). The rule requires that the cyber security program
will include measures for the adequate protection of the digital
computer and communication systems and networks identified by the
licensee through the required site-specific analysis stated in Sec.
73.54(b)(1).
The proposed Sec. 73.55(m)(1)(ii) is renumbered in the final rule
as Sec. 73.54(b)(3). The Commission received several comments that the
cyber security program is not appropriate for incorporation into the
physical security program and, therefore, should not be implemented
through the security organization. The Commission agrees in part. Cyber
security, like physical security, focuses on the protection of
equipment and systems against attacks by those individuals or
organizations that would seek to cause harm, damage, or adversely
affect the functions performed by such systems and networks. Cyber
security and physical security programs are intrinsically linked and
must be integrated to satisfy the physical protection program design
criteria of Sec. 73.55(b). The Commission recognizes that a uniquely
independent technical expertise and knowledge is required to implement
the cyber security program effectively, and therefore, the specific
training and qualification requirements for the program must focus on
ensuring that the personnel are trained, qualified, and equipped to
perform their unique duties and responsibilities.
Section 73.54(c), Cyber Security Program. The proposed Sec.
73.55(m)(1)(iii) is renumbered in the final rule as Sec. 73.54(c) and
(c)(1), and is revised to clarify appropriate design requirements for
the cyber security program. The cyber security program must be designed
to implement security controls to protect the digital assets identified
by the paragraph (b)(1) analysis. To accomplish this, the final rule
Sec. 73.54(c)(2), (3), and (4) are added to clarify the performance
criteria to be met through implementation of the cyber security
program.
The Commission received a comment that the term ``protected
computer system'' in the proposed Sec. 73.55(m)(1)(iii) is not defined
and urged a more specific description. The Commission has deleted the
term ``protected computer system'' from the final rule and provided a
more detailed description of digital computer and communication systems
and networks in Sec. 73.54(a)(1).
The Commission received a comment that the high assurance
requirement of the proposed Sec. 73.55(m)(1) does not allow a licensee
to implement measures designed to ensure continued functionality.
Section 73.54(c)(4) has been revised to require the cyber security
program to be designed to ensure that the intended function of the
assets identified by Sec. 73.54(b)(1) are maintained.
The proposed Sec. 73.55(m)(5) is renumbered in the final rule as
Sec. 73.54(c)(2). The Commission received a comment to the proposed
Sec. 73.55(m)(5) that questioned whether the phrase ``defense-in-
depth'' in computer terminology was intended to include real-time
backup data. The Commission concluded that defense-in-depth for digital
computer and communication systems and networks includes technical and
administrative controls that are integrated and used to mitigate
threats from identified risks. The need to back-up data as part of a
defense-in-depth program is dependent upon the nature of the data
relative to its use within the facility or system.
Defense-in-depth is achieved when (1) a layered defensive model
exists that allows for detection and containment of non-authorized
activities occurring within each layer, (2) each defensive layer is
protected from adjacent layers, (3) protection mechanisms used for
isolation between layers employ diverse technologies to mitigate common
cause failures, (4) the design and configuration of the security
architecture and associated countermeasures creates the capability to
sufficiently delay the advance of an adversary in order for preplanned
response actions to occur, (5) no single points of failure exist within
the security strategy or design that would render the entire security
solution invalid or ineffective, and (6) effective disaster recovery
capabilities exist for protected assets.
The commenter also questioned how this requirement impacts the
video image recording system, which is a computer system required by
Sec. 73.55(e)(7)(i)(C). Based upon the licensee's site-specific
analysis, the video image recording system may be subject to this
requirement if it meets
[[Page 13935]]
the criteria stipulated in Sec. 73.54(a)(2), but it is not required to
be included by the final rule.
Section 73.54(d), Cyber-Related Training, Risk, and Modification
Management. The Commission has consolidated the proposed requirements
from Sec. Sec. 73.55(m)(2), (m)(6), and (m)(7) into one paragraph of
the Sec. 73.54(d) to require the development, implementation, and
maintenance of supporting programs within the cyber security program.
The Commission has moved proposed Sec. 73.54(m)(6) to Sec.
73.54(d)(3) and clarified it to require that an evaluation be performed
prior to modifications to protected digital assets to ensure that the
cyber performance objectives of Sec. 73.54 are maintained.
The Commission received a comment to the proposed rule Sec.
73.55(m)(2) requesting clarification of what is meant by
``assessment.'' The term ``assessment'' has been removed from the final
rule. To ensure that the measures used to protect digital computer and
communication systems and networks remain effective and continue to
meet high assurance expectations, the cyber security program must
evaluate and manage cyber risks. Licensees must evaluate changes to
systems and networks when (1) modifications are proposed for previously
analyzed systems and (2) new technology-related vulnerabilities, not
previously analyzed in the original analysis, that would act to reduce
the cyber security environment of the system are identified.
Section 73.54(e), Cyber Security Plan. The proposed Sec.
73.55(m)(1)(i) is renumbered in the final rule as Sec. 73.54(e). The
Commission added a new Sec. 73.54(e)(1) generically addressing the
content of the cyber security plan. The plan must describe and account
for any site-specific conditions that affect how Commission
requirements are implemented.
The proposed Sec. 73.55(m)(4)(ii) is deleted from the final rule.
Consistent with the removal of this section from the proposed Sec.
73.55(m), the Commission concluded that it is appropriate to address
the cyber security incident response and recovery plan in the cyber
security plan required by this section. The rule requires that the
cyber security incident response and recovery plan will be part of the
cyber security plan which in turn will be a component of the physical
security program.
The proposed Sec. Sec. 73.55(m)(4)(i) and (m)(4)(iii) are combined
and renumbered to the final rule Sec. 73.54(e)(2). The Commission
received a comment to the proposed Sec. 73.54(m)(4)(i) that there
should be a rule requirement prescribing the timeframe in which a
licensee must determine that a cyber attack is occurring or has
occurred and suggested that it be within minutes of the attack. The
Commission agrees with the commenter's concerns. The proposed Sec.
3.54(m)(4)(iii) is renumbered in the final rule as Sec. 73.54(e)(2)(i)
and is revised to require a description in the cyber plan of how the
licensee will maintain the capability for timely detection and response
to cyber attacks. Licensees are required to develop, implement, and
maintain a methodology for detecting cyber attacks; however, they are
not required to meet deterministic time limits for discovery of a cyber
attack. The cyber security program must be designed to ensure that
cyber attacks are detected and an appropriate response is initiated to
prevent the attack from adversely affecting the systems and networks
that must be protected. The Commission has concluded that the Sec.
73.54 performance-criteria and requirements ensure that detection and
response are appropriate.
Section 73.54(f), Policies and Procedures. The proposed Sec.
73.55(m)(3) is renumbered in the final rule as Sec. 73.54(f). The
Commission added Sec. 73.54(f) to clarify that policies, implementing
procedures, site-specific analysis, and other supporting technical
information used by the licensee need not be submitted for Commission
review and approval as part of the cyber security plan. However, this
information must be made available upon request by an authorized
representative of the Commission.
Section 73.54(g), Reviews. The Commission added the final rule
Sec. 73.54(g). The requirement for the review of the cyber security
program is subject to the same processes stipulated in Sec. 73.55(m),
``Security program reviews.''
Section 73.54(h), Records. The Commission added the final rule
Sec. 73.54(h). Consistent with establishing Sec. 73.54 as a stand-
alone 10 CFR section, this requirement for the retention of the cyber
security program records is brought forward from the final rule Sec.
73.55(q), ``Records.'' The expectation is that each licensee will
maintain the technical information associated with the assets
identified by the final rule Sec. 73.54(b)(1) that is pertinent to
compliance with Sec. 73.54.
E. Section 73.55, Requirements for Physical Protection of Licensed
Activities in Nuclear Power Reactors Against Radiological Sabotage
General Comments. The Commission received several general comments
which stated that the proposed Sec. 73.55 does not include
requirements for protection against aircraft attacks. As the Commission
recently stated in the final design basis threat rulemaking (72 FR
12705; March 19, 2007), the protection of NRC-regulated facilities
against aircraft attacks is beyond the scope of a licensee's
obligations. Accordingly, requiring specific measures for the
protection against aircraft attacks is beyond the scope of the
requirements presented in this section and, therefore, is not
addressed. The Commission nevertheless notes that there are
requirements in this rulemaking that address licensee actions that are
required to minimize the potential consequences of an aircraft impact
on a nuclear power plant. As noted previously, those requirements are
now located in Sec. 50.54(hh) as conditions of license.
Section 73.55(a), Introduction. The proposed Sec. 73.55(a) would
have required each licensee to submit, in their entirety, a revised
physical security plan, training and qualification plan, and safeguards
contingency plan for NRC review and approval within 180 days after the
effective date of the final rule. The Commission received several
comments stating that 180 days is not sufficient time to review and
understand the modifications that may be required for compliance with
the amended rule and to revise and submit amended security plans. In
response to the comments, the Commission determined that, with the
exception of the cyber security plan required by the new Sec. 73.54,
the majority of plan changes needed for compliance with the amended
requirements of this section are likely to be minimal and are not
anticipated to decrease the effectiveness of any particular licensee's
current security plan. Because the current NRC-approved security plans
already address the Commission's orders and pre-existing 10 CFR
requirements, the greatest impact of this final rule will be focused
primarily on those changes to plans and procedures needed to satisfy
the requirements that are identified as ``new.'' The rule requires that
by March 31, 2010, each currently operating reactor licensee must
evaluate, on a site-specific basis, what security plan changes are
needed to comply with the amended requirements of the rule. Those
changes must be incorporated
[[Page 13936]]
into their security plans, as necessary, by March 31, 2010. In doing
so, licensees are expected to follow the appropriate change processes
described currently in Sec. Sec. 50.54(p), 50.90, or 73.5. The
Commission acknowledges that based on site-specific conditions, a
limited number of plan changes may require Commission review and
approval before implementation and must be made through a license
amendment pursuant to 10 CFR Sec. 50.90 or a request for an exemption
per 10 CFR 73.5.
The Commission deleted the proposed requirements in Sec.
73.55(a)(2) and (a)(3) for consistency with the determination that
revised plans need not be submitted to the Commission for review and
approval.
The Commission added a requirement in Sec. 73.55(a)(2) that
licensees must identify, describe, and account for site-specific
conditions that affect the licensee's ability to satisfy the
requirements of this section in the NRC-approved security plans. This
requirement is added for consistency with revisions made to Sec.
73.55(b)(4) which requires each licensee to conduct a site-specific
analysis to identify such conditions.
The proposed Sec. 73.55(a)(4) is renumbered in the final rule as
Sec. 73.55(a)(3) with minor revision to delete reference to Commission
orders. One commenter asked the NRC to clarify its position with
respect to the ``legally-controlling document'' once it approves a
licensee security plan. Once a licensee has an approved security plan,
both the licensee's security plan and the Commission's regulations are
legally controlling. Regulations are legally controlling to the extent
that they set forth the regulatory framework and general performance
objectives of a licensee's security plan. The NRC-approved security
plan, in contrast, describes a licensee's method of complying with
those regulations including exemptions and approved alternatives.
However, that the NRC specifically approved a licensee's security plan
does not relieve the licensee from compliance with regulations.
To the extent that there are differences in a licensee's security
plan and the regulatory requirements, the Commission expects that those
differences would be specifically approved by the NRC, either in the
form of an NRC-granted exemption, or an NRC-approved ``alternative
measure'' as set forth in Sec. 73.55(r). The NRC recognizes that
generic regulations cannot always account for site-specific conditions.
Some degree of regulatory flexibility is necessary to ensure that each
licensee is capable of meeting the general performance objective of
Sec. 73.55(b)(1) to provide ``high assurance'' of public health and
safety and common defense and security despite site specific conditions
or situations that may interfere with or prevent the effective
implementation of a given NRC requirement. Therefore, these regulations
provide several mechanisms through which the NRC may approve a
licensee's plan to implement alternative measures or exempt a licensee
from compliance with any one or more NRC requirements, provided the
licensee documents and submits sufficient justification. Once those
exemptions or alternative measures are specifically reviewed and
approved by the NRC and are incorporated into the licensee's security
plan, they then become legally binding through the licensee's security
plan required as a condition of its license.
In the rare situation in which a licensee's security plan conflicts
with NRC regulations and the NRC has not reviewed and approved the
conflicting measures, the Commission expects that the staff would work
with the licensee to ensure that the security plan is revised to comply
with the regulatory requirement. That the security plan may have been
approved with a deficiency does not excuse the licensee from compliance
with the Commission's regulations.
Section 73.55(a)(4) establishes when an applicant's physical
protection program must be implemented. The Commission concluded that
the receipt of special nuclear material (SNM) in the form of fuel
assemblies onsite, i.e. in the licensee's protected area, is the event
that subjects a licensee to the requirements of Sec. 73.55. It is the
responsibility of the applicant/licensee to implement an effective
physical protection program before SNM in the form of fuel assemblies
is received in the protected area.
The Commission has added a new requirement in Sec. 73.55(a)(5) to
address the Tennessee Valley Authority (TVA) facility at Watts Bar. TVA
is in possession of a current construction permit for Watts Bar Nuclear
Plant, Unit 2, and is treated as a current licensee for purposes of
satisfying the requirements of this rule. These requirements reflect
Commission support of a licensing review approach for Watts Bar Nuclear
Plant, Unit 2, that employs the current licensing basis for Unit 1 as
the reference basis for review and licensing of Unit 2, as stated in a
July 25, 2007, Staff Requirements Memorandum (ML072060688).
The Commission has revised the final rule Sec. 73.55(a)(6) to
clarify that certain requirements in this section apply only to
applicants for an operating license under the provisions of 10 CFR part
50 of this chapter, or holders of a combined license under the
provisions of 10 CFR part 52 of this chapter. Specifically, the
requirements to design, construct, and equip both the CAS and SAS to
the same standards are addressed in the final rule as Sec.
73.55(i)(4)(iii). The Commission views this as a prudent safety
enhancement for future nuclear power plants but not an enhancement that
is necessary for the adequate protection of pre-existing operating
reactors. Unless otherwise specifically approved by the Commission,
pre-existing power reactor licensees choosing to construct a new
reactor inside an existing protected area are subject to the new CAS/
SAS requirements in Sec. 73.55(i)(4)(iii).
Section 73.55(b), General Performance Objective and Requirements.
The Commission received several comments requesting that the term
``radiological sabotage'' be used in lieu of the phrase ``significant
core damage'' and ``spent fuel sabotage'' because the term
``radiological sabotage'' is defined in Sec. 73.2. The Commission
agrees in part and has revised the final rule in Sec. 73.55(b)(2) to
clearly retain, without modification, the pre-existing requirement for
licensees to provide protection against the design basis threat of
radiological sabotage and has revised Sec. 73.55(b)(3) to clarify that
the design of the physical protection program must ensure the
capability to prevent ``significant core damage'' and ``spent fuel
sabotage.'' It was not the Commission's intent in the proposed rule to
delete the requirement for protection against radiological sabotage but
rather to establish the prevention of significant core damage and spent
fuel sabotage as the criteria to measure a licensee's performance to
protect against ``radiological sabotage.'' The final rule has been
revised to reflect this intent. The achievement of ``significant core
damage'' and ``spent fuel sabotage'' can be measured by the licensee
through accepted engineering standards, and the use of these terms
provides measurable performance criteria that are essential to
understanding the definition of radiological sabotage. Additionally,
the Commission believes that continued use of the terms ``significant
core damage'' and ``spent fuel sabotage'' to enhance the understanding
of radiological sabotage is warranted because these terms are now well
established and have been used consistently by the
[[Page 13937]]
Commission and industry relative to force-on-force testing before and
after September 11, 2001.
The Commission received several comments regarding the proposed
rule Sec. 73.55(b)(2), the introduction of six performance-criteria:
detect, assess, intercept, challenge, delay, and neutralize. Upon
consideration, the Commission concluded that the four terms, ``detect,
assess, interdict, and neutralize,'' more concisely represent the
intended performance-criteria and this change has been made throughout
the final rule. The terms ``intercept, challenge, and delay'' are
subsumed in the term ``interdict.''
The Commission received a comment that the proposed rule Sec.
73.55(b)(3) delineation of requirements for the design of the physical
protection program should be clarified. The Commission agrees and Sec.
73.55(b)(3) has been revised to clarify Commission expectations. The
requirement for the protection of personnel, equipment, and systems
against the design basis threat vehicle bomb assault is addressed in
the Sec. 73.55(e)(10)(i)(A). The requirement for protection against a
single act, within the capabilities of the design basis threat of
radiological sabotage, is based upon the pre-existing Sec. 73.55(e)
and is addressed in the final rule Sec. 73.55(i)(4)(i). Section
73.55(i)(4)(i) requires licensees to protect either the CAS or SAS
against a single act by ensuring the survival of at least one alarm
station in order to maintain the ability to perform required functions.
Section 73.55(b)(4) is renumbered in the final rule as Sec.
73.55(b)(3)(ii). The Commission received a comment that the scope of
the proposed Sec. 73.55(b)(4) regarding the term ``defense-in-depth''
was not clearly understood. Section 73.55(b)(3)(ii) is revised to
clarify that defense-in-depth is accomplished through the integration
of systems, technologies, programs, equipment, supporting processes,
and implementing procedures as needed to ensure the overall
effectiveness of the physical protection program.
Section 73.55(b)(4) is added to specifically require that each
licensee perform a site-specific analysis for the purpose of
identifying and analyzing site-specific conditions that affect the
design of the onsite physical protection program. Commission
regulations are generic and cannot in all instances account for site-
specific conditions, and therefore, it is the licensee's responsibility
to identify and account for site-specific conditions relative to
meeting Commission requirements, subject to NRC inspection.
Section 73.55(b)(8) is added to require the development and
maintenance of a cyber security program that meets the performance
objectives of the new Sec. 73.54. Section 73.54 incorporates the
proposed Sec. 73.55(m) in its entirety, and the associated public
comments were addressed previously within the new Sec. 73.54.
Section 73.55(b)(10) is revised to clarify the Commission's
expectation that each licensee will enter physical protection program
findings and deficiencies into the site corrective action program so
that they can be tracked, trended, corrected, and prevented from
recurring.
Section 73.55(b)(11) is repeated from the pre-existing appendix C
to part 73, ``Introduction,'' to delineate the Commission's expectation
that security plans and implementing procedures must be complementary
to other site plans and procedures.
Section 73.55(c), Security Plans. The Commission received several
comments stating that the requirements in Sec. 73.55(c) are redundant
to the requirements in Sec. 50.34(c) and (d). The Commission
disagrees. While these requirements appear to be redundant, conforming
changes have been made to Sec. 50.34(c) and (e) to include cyber
security plans and training and qualification plans. In addition, Sec.
73.55 establishes a paragraph dedicated to security plans to
consolidate the regulatory framework for each plan, describe the
general content of each plan, and clarify the relationship between
Commission regulations, NRC-approved security plans, and site-specific
implementing procedures. The primary focus of the security plans is to
describe how the licensee will satisfy Commission requirements
including how site-specific conditions affect the measures needed at
each site to ensure that the physical protection program is effective.
The Commission received a comment that the proposed Sec.
73.55(c)(2) appeared to require that all security plans be protected as
Safeguards Information (SGI). The Commission disagrees with the
comment. Licensees are required by Sec. 73.55(c)(2) only to review the
information contained in the security plans against the criteria
contained in Sec. 73.21 to determine the existence of SGI and to
protect that information appropriately.
The Commission has added a conforming requirement to Sec. Sec.
73.55(c)(6) and 50.34(c) for licensees to provide a cyber security plan
in accordance with the new Sec. 73.54 for Commission review and
approval.
The proposed Sec. Sec. 73.55(c)(3)(ii), 73.55(c)(4)(ii), and
73.55(c)(5)(ii) are deleted from the final rule. The Commission's
expectation is that each licensee will address Commission requirements
in their approved plans and implementing procedures and, where the
Commission requires a specific detail to be included in the plans, that
requirement is stated in applicable paragraphs of the final rule.
Section 73.55(d), Security Organization. The Commission received
several comments that the proposed requirement of Sec. 73.55(d)(1) to
provide ``early detection, assessment, and response to unauthorized
activities within any area of the facility'' was too broad and could
result in unnecessary regulatory burden. The Commission agrees with the
comment and has deleted these terms and revised the language to clarify
the primary responsibility of the security organization. The intent is
that the security organization will focus upon the effective
implementation of the physical protection program which in turn is
designed to protect the facility from the design basis threat of
radiological sabotage with high assurance.
The Commission received a comment that proposed Sec. 73.55(d)(3)
was not clearly understood as it appeared this requirement may pertain
to any individual within the security organization. The Commission
agrees, and the final rule text in Sec. 73.55(d)(3) is revised to
clarify that individuals assigned to perform physical protection and/or
contingency response duties must be trained, equipped, and qualified in
accordance with appendix B to part 73 to perform those assigned duties
and responsibilities whether that individual is a member of the
security organization or not. This clarification is made to account for
those instances where the licensee uses facility personnel other than
members of the security organization to perform duties within the
physical protection program, such as a vehicle escort or warehouse
personnel inspecting/searching deliveries. The rule requires that
facility personnel who are not members of the security organization
will be trained and qualified for the specific physical protection
duties that they are assigned, which includes possessing the knowledge,
skills, abilities, and the minimum physical qualifications such as
sight, hearing, and the general health needed to perform the assigned
duties effectively.
The proposed Sec. 73.55(d)(4) is deleted from the final rule
because the reference to meeting the requirements of Sec. 73.56
[[Page 13938]]
(Access authorization program) is redundant.
The Commission received several comments indicating that the
requirements in the proposed Sec. 73.55(d)(5) pertaining to contracted
security forces were redundant to other requirements addressed in the
proposed rule. The Commission agrees. These requirements were retained
from pre-existing requirements for the licensee to explicitly include
these requirements as written statements in contracts between the
licensee and a contract security force. Upon review, the Commission has
determined that specifying these requirements in written contracts is
unnecessary. The enforceability of NRC regulatory requirements is not
dependent on whether they are implemented by the licensee or by a
licensee contractor; therefore, specifically requiring the contract
between these parties to contain these requirements is unnecessary. The
Commission has, however, retained the requirement in the final rule
Sec. 73.55(q)(3), ``Records,'' (formally described in proposed Sec.
73.55(d)(5)) that a copy of the contract be retained by the licensee.
Additionally, the requirement in the proposed Sec. 73.55(d)(5)(vi)
that ``any license for possession and ownership of enhanced weapons
will reside with the licensee'' has been deleted from this section. The
Commission intends, however, that this requirement will be reflected in
its regulations codifying requirements related to the use of enhanced
weapons. The Commission's plan for that rulemaking was stated
previously in this document. The remaining proposed requirements of
Sec. 73.55(d)(5) are deleted from this paragraph and are retained in
other paragraphs of the final rule.
Section 73.55(e), Physical Barriers. The Commission received
several comments that the proposed Sec. 73.55(e) would result in
unnecessary regulatory burden by expanding protected area physical
barrier requirements into the owner controlled area (OCA). The
Commission agrees in part and Sec. 73.55(e) is revised to clarify the
generic and specific requirements for the design, construction,
placement, and function of each physical barrier. Section 73.55(e)(6)
specifically addresses requirements for physical barriers in the OCA.
Physical barriers can be used to fulfill many functions within the
physical protection program, and therefore, each physical barrier must
be designed and constructed to serve its predetermined function within
the physical protection program. Consistent with Sec. 73.55(b) for
design of the physical protection program, the rule requires that each
licensee will analyze site-specific conditions to determine the
specific use, type, function, construction, and placement of physical
barriers needed for the implementation of the physical protection
program.
The Commission received comments on the proposed Sec.
73.55(e)(3)(i), which would have required the delineation of the
boundaries of areas for which the physical barrier provides protection,
requesting that this provision be deleted because it lacked performance
criteria. The Commission agrees, and the requirement is deleted from
the final rule because it is more appropriate to be specified in
regulatory guidance.
The proposed Sec. 73.55(e)(3)(ii) is renumbered in the final rule
as Sec. 73.55(e)(3)(i) and is broken into subparagraphs Sec.
73.55(e)(3)(i)(A) through (C). The Commission received a comment to
clarify the proposed rule statements of consideration pertaining to the
performance criteria for physical barriers. The Commission agrees in
part. The pre-existing Sec. 73.55(c)(8) introduced design goals
relative to the use of vehicle barriers but did not address other
physical barriers. The statements of consideration in the proposed rule
attempted to incorporate other physical barriers and explain that the
generic performance-criteria for physical barriers are not limited to
vehicle barriers. The criterion for physical barriers is that ``each
barrier be designed to satisfy the function it is intended to
perform.'' The Commission agrees with the comment stating that the
performance of all three functions (i.e., visual deterrence, delay, and
support access control measures) is not always required of each
barrier, and the final rule addresses the barrier design requirements
generically in Sec. 73.55(e)(3)(i)(A) through (C).
The Commission received several comments requesting clarification
of the proposed rule Sec. 73.55(e)(4) for physical protection measures
in the OCA. The proposed Sec. 73.55(e) attempted to establish a
generic requirement for the design, construction, placement, and
function of physical barriers based on a site specific analysis. This
generic requirement was misunderstood to mean that PA barriers were now
required in the OCA. As such, the Commission revised the proposed Sec.
73.55(e) and (e)(6) to clarify the scope and intent of this
requirement. Consistent with the final rule Sec. 73.55(b)(4), it is
the responsibility of each licensee to identify, analyze, and account
for site-specific conditions in the design and implementation of its
physical protection program. Section 73.55(e)(6) is revised to clarify
that the application of physical barriers in the OCA is determined by
each licensee through site-specific analysis and must satisfy the
physical protection program design requirements of Sec. 73.55(b). The
rule requires that the licensee will design and construct appropriate
barriers in those areas to meet the identified site-specific need.
The Commission received comments requesting clarification of the
term ``unobstructed observation'' as used in Sec. 73.55(e)(5)(i)(A).
The Commission agrees that this term can be misunderstood, and
therefore, Sec. 73.55(e)(7)(i)(A) is revised to delete the term
``unobstructed.'' This term was used to emphasize that a clear field of
observation be provided in the isolation zone. However, the
Commission's expectation is not the complete elimination of obstruction
but that the licensee implement measures needed to negate the effects
of any obstructions such as the relocation of non-permanent objects or
the strategic placement of cameras to enable observation around an
obstruction.
The Commission received several comments to clarify the proposed
Sec. 73.55(e)(5)(ii) pertaining to the performance of isolation zone
assessment equipment and agrees that clarification is necessary. The
proposed Sec. 73.55(e)(5)(ii) is renumbered in the final rule as Sec.
73.55(e)(7)(i)(C) and provides a performance-based description for
specific isolation zone assessment equipment. The Commission has
concluded that the requirement for this equipment is consistent with
current licensee practices, therefore, it is an appropriate update for
this final rule.
The proposed Sec. 73.55(e)(5)(iii) is renumbered in the final rule
as Sec. 73.55(e)(7)(ii). The Commission received a comment that this
requirement would preclude the use of areas inside the protected area
as equipment lay-down/staging areas. The Commission agrees in part. The
final rule does not preclude the use of lay-down areas/staging areas.
However, this requirement does explicitly preclude such activities
where the action constitutes an obstruction that prevents observation
on either side of the protected area perimeter. This rule requires the
licensee to take appropriate actions to negate any adverse effects that
lay-down/staging areas may have to prevent observation on either side
of the protected area perimeter.
The Commission received several comments to clarify the proposed
requirement in Sec. 73.55(e)(6)(i) to secure penetrations through the
protected area barrier. The Commission agrees that
[[Page 13939]]
clarification is necessary. The proposed requirement is separated and
renumbered as Sec. 73.55(e)(8)(ii). Section 73.55(e)(8)(ii) is revised
to clarify that penetrations must be secured and monitored to prevent
exploitation. Where the size of an opening in any barrier is large
enough to be exploited or otherwise defeat the intended function of
that barrier, then such openings must be secured and monitored to
prevent or detect attempted or actual exploitation.
The proposed Sec. 73.55(e)(6)(v) is renumbered to Sec.
73.55(e)(5). The Commission received several comments to clarify the
term ``bullet-resisting.'' The Commission agrees in part that
additional clarification is needed but does not believe that such
clarification is necessary in the rule text. The Commission has
determined that it is not appropriate to publicly reference site
specific bullet-resisting standards in the rule because such
specificity may lead to the identification of specific vulnerabilities.
Specific bullet resisting standards that meet the requirements in Sec.
73.55(e)(5) are described in regulatory guidance and would be further
reflected in a licensee's NRC-approved security plans. The Commission
acknowledges, however, that in addition to manufactured bullet-
resisting materials, a level of bullet-resistance that meets the intent
of this regulation might be provided by distances and angles combined
with standard construction materials and designs.
The proposed Sec. 73.55(e)(6)(vi) is renumbered in the final rule
as Sec. 73.55(e)(8)(v). The Commission received several comments
requesting that the NRC delete the word ``all'' with respect to its
modification of the term ``exterior areas.'' The Commission agrees that
clarification is necessary. Section 73.55(e)(8)(v) retains and updates
the pre-existing requirement in Sec. 73.55(c)(4) to periodically check
all exterior areas within the protected area but has revised the
requirement to clarify that some areas may be excepted from this
requirement where safety concerns prevent the licensee from physically
checking that area. The Commission's expectation is that licensee
procedures will account for these areas by another means that ensures
the safety of personnel while assuring the integrity of the area and
the requirement is met.
Section Sec. 73.55(e)(9)(v)(D) is added to include the SAS among
the types of areas and equipment that must be afforded protection as a
vital area/equipment the same as the CAS, only for applicants for new
reactor licenses. Current licensees are not subject to this requirement
as they have been found to provide adequate protection within current
configurations. The requirement to treat SAS as a vital area is an
enhancement that provides equivalency and redundancy for the alarm
stations.
The Commission received a comment that proposed Sec.
73.55(e)(7)(iii), renumbered to the final rule as Sec.
73.55(e)(9)(vi)(A), expands the requirement for secondary power systems
from just ``alarm annunciator equipment'' to all ``intrusion detection
and assessment equipment'' and that this is a significant expansion
that is not explained or supported by NRC force-on-force inspections.
The Commission agrees that the scope of the proposed paragraph appears
to have been expanded to require all intrusion detection and assessment
equipment employed by the licensee to be connected to a secondary power
supply and for all secondary power supplies to be treated as vital
areas. Section 73.55(e)(9)(vi)(A) is revised to retain the pre-existing
Sec. 73.55(e)(1) to locate the secondary power supply for alarm
annunciation equipment in a vital area. The Commission has added Sec.
73.55(i)(3)(vii) to address uninterruptible power supplies for
intrusion detection and assessment equipment at the protected area
perimeter. The uninterruptible power supply discussed in Sec.
73.55(i)(3)(vii) is not required to be located in a vital area because
it is a short-term measure utilized to provide service until secondary
power sources are operable and the Commission recognizes that
uninterruptible power supplies are physically dispersed across the
site. Making each uninterruptable power supply a vital area is
considered a safety enhancement and implementation would be an
unnecessary regulatory burden on the licensee based on the level of
protection that would be provided versus the cost.
The Commission has determined that the proposed Sec.
73.55(e)(7)(iv) was redundant to Sec. 73.58 and has deleted this
requirement from the final rule to avoid unintended duplication and
impact beyond current requirements.
The Commission received multiple comments stating that the proposed
Sec. 73.55(e)(8) significantly expands the requirements for
controlling vehicles inside the OCA. The pre-existing Sec. 73.55(c)(7)
requires the licensee to provide vehicle control measures, including
vehicle barrier systems, to protect against use of a land vehicle as a
means of transportation to gain unauthorized proximity to vital areas.
The Commission's intent is not to expand the requirements for
controlling vehicles in the OCA and has revised and consolidated the
proposed rule Sec. 73.55(e)(8) to clarify scope and intent of this
requirement. The proposed Sec. 73.55(e)(8) is renumbered in the final
rule as Sec. 73.55(e)(10) and provides general vehicle control
requirements. In addition, the rule requires that licensees implement
security measures to prevent unauthorized access to the protected area
by rail.
The Commission received several comments on proposed Sec.
73.55(e)(8)(ii) that to control vehicle approach routes is broader in
scope than protecting against vehicle bomb attacks and preventing
vehicle use as a means of adversary transportation as was stated in the
proposed rule. In lieu of a specific requirement to control vehicle
approach routes, Sec. 73.55(e)(10) provides general vehicle control
requirements. The Commission acknowledges that the control of vehicle
approach routes is generally accomplished through the establishment of
vehicle control measures such as a vehicle barrier system designed for
protection against vehicle bomb assaults or a protected area barrier
that prevents unauthorized personnel from gaining proximity to
protected areas or vital areas.
The proposed Sec. 73.55(e)(8)(iii) is modified and renumbered as
Sec. 73.55(e)(10)(i)(A). The Commission received several comments to
clarify protection requirements against land vehicle bombs and the
protection of personnel, systems, and equipment. The Commission agrees,
and Sec. 73.55(e)(10)(i)(A) is revised to clarify the protection of
personnel, systems, and equipment relative to land vehicle bomb
assaults rather than the design basis threat in its entirety. This
requirement does not include an obligation to protect all plant
personnel from such an attack but rather focuses on the protection of
those personnel whose job functions make them necessary to prevent
significant core damage and spent fuel sabotage through the
implementation of the protective strategy.
The proposed Sec. 73.55(e)(8)(v) is renumbered as Sec.
73.55(e)(10)(i)(B). The Commission received a comment to clarify
whether loss of power testing is subject to this requirement. The
Commission concluded that specific testing criteria and periodicity are
site-specific and must be addressed in procedures. The rule requires
that each licensee will develop and implement procedures that will
ensure that active vehicle barriers can be electronically, manually, or
mechanically placed in the denial position to perform their intended
function for protection against
[[Page 13940]]
the vehicle bomb in the event of a power failure.
The proposed Sec. 73.55(e)(8)(vi) is renumbered as Sec.
73.55(e)(10)(i)(C). The Commission received several comments that if
the proposed Sec. 73.55(e)(8)(vi) is intended to address tampering
then the term ``tampering'' should be used. The Commission agrees and
Sec. 73.55(e)(10)(i)(C) is revised to remove the term ``integrity,''
and clarified to require that the licensee implement measures to
identify indications of tampering with vehicle barriers and barrier
systems and to ensure that barriers are not degraded. The rule requires
that the licensee will implement appropriate surveillance and
observation measures for vehicle barriers, barrier systems, and railway
barriers.
Section 73.55(e)(10)(i)(D) was specifically added, based on a
comment, to address vehicle control measures for sites that have rail
access to the protected area.
The proposed Sec. 73.55(e)(9) is renumbered as Sec.
73.55(e)(10)(ii). Section 73.55(e)(10)(ii)(B) is revised to require
licensees to provide periodic surveillance and observation of waterway
approaches and adjacent areas. Section 73.55(e)(10)(ii) is also revised
to delete reference to early detection, assessment, and response,
consistent with revisions made to the proposed Sec. 73.55(d)(1).
The proposed Sec. 73.55(e)(10) is deleted. The Commission received
several comments that this provision is inconsistent with the existing
regulations and associated regulatory guidance for openings in the
protected or vital areas. The Commission agrees and furthermore
determined that ``Unattended Openings'' are adequately addressed in
regulatory guidance and, therefore, need only be addressed through a
more generic requirement within this rulemaking. Section
73.55(e)(8)(ii) and Sec. 73.55(i)(5)(iii) generically address
penetrations through the PA barrier and unattended openings that
intersect a security boundary. The rule requires that such penetrations
and unattended openings will be secured and monitored consistent with
the intended function of the barrier to ensure the penetration or
unattended opening can not be exploited.
Section 73.55(f), Target Sets. The Commission received multiple
comments that the NRC should require licensees to identify certain
bridges as ``targets.'' The commenter stated in part, that certain
bridges, if lost, would adversely affect or even negate the offsite
responders' capabilities and because numerous emergency scenarios rely
upon offsite responder's capability to cross these bridges to gain
access to the facility during an emergency. The Commission disagrees.
The requirements of this section focus on the physical protection of
target set equipment against the design basis threat of radiological
sabotage. Target sets include, in part, the combination of equipment or
operator actions which, if all are prevented from performing their
intended safety function or prevented from being accomplished, would
likely result in significant core damage barring extraordinary action
by plant operators. Clearly, geographical features such as bridges or
other ingress or egress routes are not included in this concept of
target set equipment. Further, a licensee's ability to defend against
the design basis threat of radiological sabotage is not dependent on
the availability of offsite responders.
The Commission received a comment that proposed Sec. 73.55(f)(1)
which would have required licensees to document their target set
development process in ``site procedures'' is not appropriate because
other site documents (e.g., engineering calculations) are used to
document this process. The Commission agrees and final rule Sec.
73.55(f)(1) is revised to generically require that this information be
documented, rather than written into site procedures, to provide the
necessary regulatory flexibility. The word ``maintain'' is added to
ensure availability of this information upon request by an authorized
representative of the NRC. The specific information needed to satisfy
this requirement may be contained in engineering records or other
documents.
The Commission received two comments pertaining to the proposed
requirement Sec. 73.55(f)(2) which stated that the requirement for
licensees to consider the effects of cyber attacks on target sets is
not appropriate. The Commission disagrees, concluding that Sec.
73.55(f)(2) is appropriate and consistent with Commission requirements
for protection against the design basis threat of radiological sabotage
stated in Sec. 73.1 and the cyber security requirements stated in the
new Sec. 73.54.
The Commission received a comment that the proposed Sec.
73.55(f)(3) requirement to list target set equipment or elements that
are not within a protected or vital area in the approved security plan
is an unnecessary regulatory burden that could require plan changes
whenever site-conditions change. The Commission agrees that targets
sets must be adjusted consistent with changes to site-specific
conditions, and therefore, Sec. 73.55(f)(3) is revised to require that
target set elements not contained in a protected or vital area be
identified through the documentation required in Sec. 73.55(f)(1)
rather than security plans to ensure that they can be appropriately
updated and modified to account for changes to site-specific conditions
without prior Commission approval.
The Commission received comments that the proposed Sec.
73.55(f)(4), which would have required implementation of a program to
ensure that changes to the configuration of equipment that was
identified as target set equipment in the licensee's security plan, was
not appropriate due to the increased burden of oversight identified by
the requirement. The Commission agrees in part. Section 73.55(f)(4) is
revised to clarify the Commission's expectation that each licensee
implement a process for the oversight of target set equipment, systems,
and configurations using existing processes. This requirement ensures
that changes made to the configuration of target set equipment and
modes of operation are considered in the licensee's protective
strategy. Reference to ``significant core damage and spent fuel
sabotage'' is deleted to clarify that the focus of this requirement is
on the licensee's process to identify changes made to such equipment
that could potentially affect the implementation of the protective
strategy. The licensee is expected to periodically review target sets
for completeness and continued applicability consistent with the
requirements in the final rule Sec. 73.55(m), ``Security program
reviews.'' The Commission has determined that such reviews are needed
to ensure target sets are complete and accurate at all times.
Section 73.55(g), Access Controls. The Commission received a
comment that the proposed Sec. 73.55(g) does not close a dangerous
loophole in current search requirements for law enforcement personnel
and security officers which allows bona fide Federal, State, and local
law enforcement personnel on official duty and licensee security
personnel who have exited the protected area (PA) to reenter the PA
without being searched for firearms. The commenter argued that such
exceptions could provide insiders or corrupt law enforcement personnel
collaborating with adversaries with significant opportunities to
introduce contraband, silencers, ammunition, or other unauthorized
equipment that could be used in an attack. The commenter stated that
this practice should be explicitly forbidden in the rules except under
[[Page 13941]]
extraordinary circumstances. The Commission disagrees with this
comment. On-duty law enforcement personnel may be granted access by
licensees when there is a need for such access and are escorted while
inside the PA. With respect to licensee security personnel, they are
searched for firearms, explosives, and incendiary devices upon
reporting for duty and are under the observation of other security
personnel who are subject to the licensee's continuous behavioral
observation program when performing duties. Upon assuming their duties,
armed security officers must continue to be subject to the search
criteria for explosives and incendiary devices upon re-entry to the PA.
Both law enforcement personnel and licensee armed security personnel
have been determined, through rigorous background investigations, to be
trustworthy and reliable before being issued a firearm as part of their
assigned duties. The Commission concluded that this exception to the
required search criteria is necessary and appropriate to avoid
unnecessary regulatory burden associated with these operating
conditions.
The proposed rule attempted to address all access controls equally
without addressing specific implementing differences for access to the
owner controlled area, PA, or vital areas (VA). The Commission received
several comments to clarify these differences in access controls for
each area regarding processing of materials, personnel, and vehicles.
The Commission agrees and the final rule is revised to address access
control requirements for each area. The Commission also revised Sec.
73.55(g)(1)(ii), (A), (B), and (C) to clarify generic control measures
for controlling vehicle access through a vehicle barrier. Section
73.55(g)(2) is revised to specifically address PA access controls, and
Sec. 73.55(g)(4) is revised to specifically address VA access
controls.
The proposed Sec. 73.55(g)(1)(iv) to monitor and ensure the
integrity of the licensee's access control systems is deleted from the
final rule because it is sufficiently addressed by Sec. Sec.
73.55(n)(1)(i) and (g)(1)(i)(C). The rule requires that the licensee
will ensure that all access controls are working as intended and have
not been compromised such that a person, vehicle, or material is able
to gain unauthorized access beyond a barrier.
The proposed Sec. 73.55(g)(5) is renumbered as Sec. 73.55(g)(3).
The Commission received a comment that the proposed Sec.
73.55(g)(3)(ii) would have relaxed the requirement for armed security
escorts for all vehicles inside a nuclear power plant's PA or VAs,
unless the vehicle was specifically designated for use in such areas.
The commenter further stated that the provision provides no explanation
for the proposed change to this requirement, particularly given that
there appears to have been no change in the threat environment that
might warrant this change in security.
The Commission disagrees that requirements for control of vehicles
inside the PA are relaxed by this requirement. The pre-existing
requirement Sec. 73.55(d)(4) did not require an armed escort for all
vehicles but rather required only that the escort be a member of the
security organization who may have been an unarmed watchman. The
requirement has been revised, however, to permit the use of non-
security-organization personnel as escorts for vehicles except that
armed security personnel must escort vehicles containing hazardous
materials and unsearched bulk items. Vehicle escorts, however, must be
trained in accordance with the licensee's training and qualification
plan as required by Sec. 73.55(g)(8)(iii).
The pre-existing requirement for licensees to designate certain
vehicles for use inside the PA has been deleted from the final rule.
The Commission concluded that simply designating a vehicle for use
inside the PA is an unnecessary regulatory burden and, therefore, is
not necessary. Section 73.55(g)(3)(iii) requires that vehicle use
inside the PA must be limited to plant functions or emergencies and
that keys must be removed or the vehicle otherwise disabled when not in
use. All vehicles and personnel must be searched before entering the
PA. Vehicles operated by individuals who are authorized unescorted
access to the PA are not required to be escorted.
The proposed Sec. 73.55(g)(4)(ii)(C), which would have required
licensees to implement procedures during an emergency to ensure that
the licensee's capability to prevent significant core damage and spent
fuel sabotage was maintained, is deleted because it is sufficiently
addressed by Sec. 73.55(b)(3).
The proposed Sec. 73.55(g)(4)(iii) is subsumed by Sec. Sec.
73.55(g)(5)(ii) and 73.55(b)(11). These provisions require that
consideration be given to how access to and egress from the site will
be controlled during an emergency, which is a function assigned to the
security organization consistent with site emergency procedures.
The Commission received comments that passwords are not access
control devices and, therefore, are not appropriate for the
requirements of the proposed Sec. 73.55(g)(6). The Commission
disagrees. The Commission has determined that in physical security,
passwords are a form of access control device because they are used to
control access to security computer or electronic systems and may be
used to control access to secured areas. The rule requires that the
licensee will control passwords/passcodes used for security computers,
electronic systems, or secured areas.
Section 73.55(g)(7)(i)(F) is added to require the licensee to deny
access (escorted or unescorted) to any individual for whom access is
currently denied at another NRC-licensed nuclear power reactor
facility.
The Commission received several comments that the requirements
described in proposed Sec. 73.55(g)(7)(ii) regarding the specific
information to be included on photo-identification badges issued to
non-employee personnel who require frequent or extended unescorted
access to a facility are an unnecessary regulatory burden. The
Commission agrees in part, and Sec. 73.55(g)(7)(ii) is revised to
retain only the requirement for badges to visually reflect that the
individual is a non-employee and that no escort is required. The
proposed Sec. Sec. 73.55(g)(7)(ii)(B) through (D) are deleted. The
Commission's expectation is for licensees to electronically record the
individual's access level, period of unescorted access, and employer
within security databases. The Commission concluded that current badge
technology is predicated upon computerized access control methodologies
that store much of this information electronically on badges or
keycards and in associated databases. Therefore, the need to visually
display such information on badges is unnecessary. The proposed Sec.
73.55(g)(7)(ii)(E) requirement for the designation of assigned assembly
areas on badges is also deleted as it is determined to be an
unnecessary regulatory burden.
The Commission received a comment to clarify the proposed Sec.
73.55(g)(8) relative to the training of personnel assigned to perform
escort duties. The rule requires that all escorts will be trained to
perform escort duties and that this training may be accomplished
through existing processes such as the General Employee Training
(personnel escort) and/or the security Training and Qualification Plan
(vehicle escorts). This training requirement ensures that any
individual assigned to escort duties understands their responsibilities
and the activities the person(s) to be escorted are authorized to
perform. For
[[Page 13942]]
those instances where the licensee uses facility personnel other than a
member of the security organization to perform escort duties within the
physical protection program, such as a vehicle escort, these
individuals must be trained, equipped, and qualified in accordance with
the security Training and Qualification Plan to perform this specific
duty. The rule requires that facility personnel who are not members of
the security organization will be trained and qualified for the
specific physical protection duties that they are assigned which
includes possessing the knowledge, skills, abilities, and the minimum
physical qualifications such as sight, hearing, and their general
health needed to perform the assigned duties effectively.
The Commission received another comment that the proposed Sec.
73.55(g)(8) allows escorts to take multiple visitors with no background
checks into PAs and VAs, but does not require that the escorts meet
even minimal physical and visual capabilities. The commenter stated
that, unlike the proposed new requirement in Part 73, appendix B,
paragraph B.2.a(2) that unarmed members of the security organization
meet specified physical capabilities, the proposed regulations in Sec.
73.55(g)(8) would not prevent licensees from assigning blind, deaf, and
mute persons as escorts. The commenter urged that the regulation define
minimally acceptable physical attributes for escorts. The Commission
disagrees with this comment. The final rule does not require personnel
escorts to be subjected to medical qualifications to perform escort
duties but does require escorts to meet the requirements of Sec.
73.55(g)(8), which establishes training and qualification requirements
for personnel escorts. Further, personnel escorts are required to be
capable of performing the assigned duty and maintain communication with
the security organization when performing escort duties to summon
assistance if needed. The NRC has never imposed minimum physical
qualifications on licensee personnel escorts and the commenter has
supplied no basis to impose such requirements now.
Section Sec. 73.55(g)(8)(i) through (v) updates pre-existing
requirements consistent with Commission expectations and current
licensee practices for performing escort duties. The Commission
received several comments that the proposed Sec. 73.55(g)(8)(ii),
which would have required that individuals assigned escort duties be
provided a means of ``timely communication,'' was without basis because
current communications capabilities at facilities are sufficient for
escorts to make notifications or requests for assistance. Therefore,
the commenter asserted that the NRC should delete this provision from
the final rule. The Commission disagrees. The rule requires that
escorts be able to call for assistance when needed. The ``timely
communication'' language in the final rule does not require a specific
form of communication media. It is the responsibility of each licensee
to determine the appropriate communication media for their site which
may or may not include the use of hand-held radios, public address
systems, intercoms, etc. The Commission has concluded that timely
communication capability is an appropriate update to pre-existing
requirements and current licensee practices. Therefore, the Commission
retains this requirement in Sec. 73.55(g)(8)(ii).
The Commission received several comments that the proposed Sec.
73.55(g)(8)(iii) for continuous communication is a new requirement
without basis. The Commission disagrees. Section 73.55(g)(8)(iii) is an
appropriate update to the pre-existing requirement described in Sec.
73.55(f)(1), which required security personnel to maintain continuous
communication capability with the central and secondary alarm stations
and the pre-existing Sec. 73.55(d)(4) which required vehicles to be
escorted by security personnel while inside the PA. Section
73.55(g)(3)(ii) relieves the licensee from the pre-existing Sec.
73.55(d)(4) and allowed non-security personnel, who are trained and
qualified in accordance with the security Training and Qualification
Plan, to escort vehicles inside the PA. In providing this relief, the
Commission concluded that it is prudent to ``retain'' the pre-existing
Sec. 73.55(f)(1) requirement for vehicle escorts to maintain a
continuous communication capability that was otherwise present through
the use of security personnel escorting vehicles. It is also important
to note that Sec. 73.55(g)(8)(iii) is revised to permit vehicle
escorts to directly contact members of the security organization other
than the CAS or SAS for assistance. The proposed requirement would have
limited this communication to only the CAS or SAS.
The Commission received a comment that the proposed Sec.
73.55(g)(8)(iv) phrase ``knowledgeable of those activities that are
authorized to be performed within the areas'' is broad and
impracticable and that escorts should only be responsible for observing
obvious indications of inappropriate behavior. The Commission agrees in
part and revised Sec. 73.55(g)(8)(iv) to clarify that the level of
knowledge required is general and that general knowledge of authorized
activities is a fundamental requirement for an effective escort.
The Commission received comments that proposed Sec.
73.55(g)(8)(v), which described minimum visitor to escort ratios in
protected and vital areas, would not have provided sufficient
protection against the possibility that visitors could attempt to
commit or facilitate acts of radiological sabotage. The Commission
disagrees that the requirements reflected in the proposed rule are not
sufficient to ensure that visitor activities are adequately controlled,
and they are, therefore, reflected in the final rule. The rule requires
each licensee to implement visitor observation and control measures
that are consistent with the physical protection program design
requirements in Sec. 73.55(b) including specific requirements for
searches of personnel, escorting of personnel, and escort
communications. The Commission has concluded that the visitor control
measures required by this paragraph provide an appropriate level of
protection and prescribing specific visitor-to-escort ratios is
unnecessary. Visitor-to-escort ratios should be specific to each site
and visitor based on site conditions and the rationale for the visit.
Therefore, Sec. 73.55(g)(8)(v) is revised to delete the proposed
visitor-to-escort ratios (10 to 1 in the PA and 5 to 1 in VAs) as these
ratios are addressed in regulatory guidance and required to be
delineated in the licensee's NRC-approved security plans.
Section 73.55(h), Search Programs. The Commission received several
comments that search requirements should be addressed according to
facility area (i.e., owner controlled area (OCA) and PA). The
Commission agrees, and Sec. 73.55(h) has been revised to address
search requirements by area. This revision is necessary to clarify the
differences of search requirements and implementation for owner
controlled and protected areas.
The Commission received several comments to clarify the proposed
Sec. 73.55(h)(1) and (1)(i) regarding searches and that searches
should be conducted at each physical barrier only for those items that
must be excluded beyond the barrier. The Commission agrees that
clarification is warranted and has combined and renumbered the proposed
Sec. 73.55(h)(1) and (h)(1)(i) as Sec. 73.55(h)(1). Consistent with
Sec. 73.55(b)(4), each licensee must analyze their site-specific
conditions to
[[Page 13943]]
determine what personnel, vehicles, and materials must be prevented
from gaining access to specific areas of the facility and will search
the personnel, vehicles, and materials to satisfy the design
requirements of Sec. 73.55(b).
The proposed Sec. 73.55(h)(5) is renumbered as Sec.
73.55(h)(2)(iii). Section 73.55(h)(2)(iii) is revised to specify
implementing details for the conduct of vehicle searches within the OCA
including to the number of personnel required and the duties to be
performed by each. The search process applied in the OCA must be
performed by two personnel at least one of which must be armed and
positioned to observe the search to provide an immediate response if
needed. The rule requirement for searches conducted at vehicle
checkpoints within the OCA is that one individual will conduct the
search function, a second armed individual will be physically located
at the checkpoint to provide an immediate armed response if needed, and
a third individual, in accordance with Sec. 73.55 (h)(2)(v), will
monitor the search function via video equipment at a location from
which that individual can initiate an additional response.
The proposed Sec. 73.55(h)(8) through (h)(8)(iii) are renumbered
as Sec. 73.55(h)(3)(v) through (h)(3)(viii). The Commission received a
comment that Commission approval of exceptions to search requirements
through licensee security plans is unreasonable and unnecessary. The
Commission agrees in part, and Sec. 73.55(h)(3)(v) is revised to
clarify the rule requirement that a general description of the types of
exceptions must be stated in the licensee security plans rather than a
specific listing of individual exceptions which must be captured in
procedures.
The proposed Sec. 73.55(h)(8)(i) is renumbered as Sec.
73.55(h)(3)(vii). The Commission received a comment that the
requirement for an armed escort is not applicable in all cases. The
Commission agrees in part and has revised Sec. 73.55(h)(3)(vii). The
rule requires that bulk items excepted from the search required for
access into the PA will be escorted by an armed member of the security
organization to ensure that unsearched bulk items are controlled until
they can be offloaded and the absence of contraband can be verified to
the extent practicable.
The proposed Sec. 73.55(h)(1)(iii) is subsumed in the final rule
in appendix B of part 73.
The proposed Sec. Sec. 73.55(h)(2)(i) and 73.55(h)(2)(ii)
regarding clearly identifying items during a search are subsumed as
Sec. Sec. 73.55(h)(2)(iv) and 73.55(h)(3)(i).
Section 73.55(i), Detection and Assessment Systems. Several
requirements from proposed Sec. Sec. 73.55(i)(7) and 73.55(i)(10) have
been consolidated, revised, relocated, and/or deleted to eliminate
redundancy and provide clarification for alarm annunciation and video
assessment equipment in both alarm stations and have been designated as
Sec. 73.55(i)(2) and (3).
The proposed Sec. Sec. 73.55(i)(4), 73.55(i)(4)(i), and
73.55(b)(3) are combined and renumbered as Sec. 73.55(i)(4)(i). The
Commission received a comment that the requirements set forth in the
proposed Sec. 73.55(i)(4) were significant high-impact requirements
that exceed the existing requirements without basis and whose exact
scope and impact could not be assessed with the current language. The
Commission agrees that further clarification of the intent and scope of
these requirements is necessary. In the final rule, the pre-existing
requirement in Sec. 73.55(e)(1) for protection of at least one alarm
station against a single act is retained. Section 73.55(i)(4)(i) of the
final rule clarifies the functions that must survive from a single act
by requiring licensees to ensure the survivability of either alarm
station to maintain the ability to perform the following four
functions: Detection and assessment of alarms, initiation and
coordination of an adequate response to alarms, summoning offsite
assistance, and providing effective command and control. The proposed
Sec. 73.55(b)(3), which generally addressed the protection of
personnel, systems, and equipment from a single act bounded by the
design basis threat, is now reflected as Sec. 73.55(e)(10)(i)(A),
which generally describes licensee measures for protection against the
design basis threat land vehicle bomb assault. A single act does not
refer to the number of acts committed during a security contingency
event; rather it pertains to any one act that alone could remove the
licensee's capability to retain at least one alarm station and/or its
functions as required. An example of a single act against which this
regulation requires protection would be destruction of security
equipment not specifically accounted for in the licensee protective
strategy that is accessible from the PA perimeter and that its
destruction would remove the capability to retain one alarm station
and/or its required functions.
The proposed Sec. 73.55(i)(4)(ii) is renumbered as Sec.
73.55(i)(3)(vii). The Commission received several comments that
proposed Sec. 73.55(i)(4)(ii), which would have required
uninterruptable backup power for all alarm station functions, would be
a significant high-impact requirement that would exceed the existing
requirements without a basis and that the exact scope and impact of the
requirement cannot be assessed with the current language. The
Commission agrees in part, and has revised Sec. 73.55(i)(3)(vii) to
clarify the scope of equipment to which this requirement applies. The
Commission recognizes that because the transfer to secondary power is
not an instantaneous event, the maintenance of continuous power to some
equipment essential to the initiation of licensees' protective
strategies may not be possible and could result in a period of degraded
performance. In light of this potential vulnerability, the rule
requires uninterrupted power supplies for detection and assessment
equipment at the PA perimeter to ensure continued operability in the
event of the loss of normal power during the transition between normal
power and initiation of secondary power. The Commission determined that
a licensee's capability to detect and assess a threat at the PA
perimeter is an essential function for all sites, and as such, the
equipment needed to satisfy the requirement in Sec. 73.55(i)(1) must
remain operable through an uninterruptible power supply. Based on each
licensee's site specific considerations, detection and assessment
equipment subject to this requirement may, for example, include alarm
annunciators and sensors, lighting, closed circuit televisions, and
video image recording necessary to provide detection and assessment at
the protected area perimeter. However, under this rule, each license
must identify which detection and assessment equipment it relies on to
initiate its protective strategy. This requirement is based on the pre-
existing Sec. 73.55(e)(1), the evaluation of information gained
through enhanced baseline inspections and force-on-force exercises.
Section 73.55(i)(4)(ii)(E) is added to ensure that licensees
address events (e.g., trespassing) that may not require a response in
accordance with the protective strategy but may require the employment
of elements within the licensee's force continuum and legal authority
as permitted under applicable State law.
Section Sec. 73.55(i)(4)(ii)(G) is added for consistency with
Sec. 73.55(i)(4)(ii)(F) to ensure that operators in both alarm
stations are knowledgeable of the final disposition of all alarms, thus
minimizing the possibility of assessment errors.
[[Page 13944]]
The proposed Sec. Sec. 73.55(a)(6), 73.55(a)(6)(i), and
73.55(a)(6)(ii) are consolidated and re-numbered as Sec.
73.55(i)(4)(iii). The Commission received several comments to clarify
the applicability and scope of the proposed Sec. 73.55(a)(6) and to
relocate this requirement to Sec. 73.55(i). The Commission agrees that
additional clarity is needed but declines to relocate the applicability
language in Sec. 73.55(a)(6). Sections 73.55(a)(6) and
73.55(i)(4)(iii) specify that the requirement to construct, locate,
protect, and equip both the central and secondary alarm stations (CAS
and SAS) is applicable to only applicants for an operating license
under the provision of part 50 or holders of a combined license under
the provisions of part 52 that is issued after the effective date of
this rule. The rule requires that both alarm stations for new reactors
will be equal and redundant and will meet construction standards
previously applied only to the CAS. Specifically, the Commission has
deleted the pre-existing provision that otherwise permitted the SAS to
be located offsite. Operating power reactors licensed before the
effective date of this final rule and the Tennessee Valley Authority's
Watts Bar Nuclear Plant need not renovate their existing alarm stations
to meet this requirement. Applicants for a new operating license or
combined license for a reactor that would be constructed inside an
existing PA must construct both the CAS and SAS to the requirements of
Sec. 73.55 for CAS, unless otherwise exempted through established
licensing processes.
The proposed Sec. Sec. 73.55(i)(5), (i)(6), and (i)(7)(i) related
to detection and assessment capabilities are deleted because they are
subsumed as Sec. 73.55(i)(1) which provides a general description of
detection and assessment requirements.
The proposed Sec. Sec. 73.55(i)(9)(ii), (ii)(A), and (ii)(B) are
combined and renumbered as Sec. 73.55(i)(5)(ii). The Commission
received a comment that the NRC should delineate the requirements of
each of the three areas (OCA, PA, and VA) in the final rule and clarify
what is meant by the proposed ``integrity of physical barriers or other
components.'' The Commission agrees and the final rule is revised to
clarify that this requirement applies to the OCA. The term
``integrity'' is retained and is meant to refer to the ability of the
barrier to perform its function and that it has not been tampered with.
The proposed Sec. 73.55(i)(9)(iv) is renumbered as Sec.
73.55(i)(5)(iii). The Commission received several comments to clarify
the proposed Sec. 73.55(i)(9)(iv), which concerned licensee
obligations for observation of unattended unmonitored openings. The
Commission agrees that clarification is needed, and Sec.
73.55(i)(5)(iii) is revised to clarify that this requirement focuses on
monitoring unattended openings, such as underground pathways, that can
be exploited to circumvent the intent of a barrier or otherwise defeat
its required function.
The proposed Sec. 73.55(i)(9)(iii)(B) has been divided and
renumbered as Sec. 73.55(i)(5)(v) and (vi). The Commission received a
request for clarification of the intent of the proposed requirement
specific to ``random intervals.'' The Commission agrees and Sec.
73.55(i)(5)(vi) is revised to clarify the scope of patrols relative to
PAs, VAs, and target sets. The term ``random'' as used in the final
rule is not intended to describe the periodicity of the patrols but to
describe the manner in which the patrol is conducted to prevent
predictability.
The proposed Sec. 73.55(i)(9)(iii)(C) is renumbered as Sec.
73.55(i)(5)(vii). The Commission received several comments to add the
word ``obvious'' before the word tampering because security personnel
generally do not possess the level of specific knowledge that might be
necessary to detect the types of tampering that could have been
included within the scope of the rule. These commenters noted that
other licensee operations personnel who possess detailed engineering
knowledge also provide observation of target set equipment and
additional assurances that tampering would be identified. The
Commission agrees and Sec. 73.55(i)(5)(vii) is revised to include the
term ``obvious'' consistent with the level of knowledge that security
personnel possess regarding plant operations based on training that is
provided to them.
The proposed Sec. Sec. 73.55(i)(10) and (i)(10)(i) are deleted
from the final rule because this proposed requirement to maintain video
equipment in operable condition is redundant to Sec. Sec. 73.55(b)(3)
and 73.55(n)(1)(i).
The proposed Sec. 73.55(i)(10)(iii) is deleted from the final
rule. The NRC received a comment that ensuring personnel assigned to
monitor video equipment are alert and able to perform their assigned
duties is a licensee management responsibility. The Commission agrees.
Fitness-for-duty, fatigue, and work-hour controls are covered in 10 CFR
part 26.
The proposed Sec. 73.55(i)(11)(i) is renumbered as Sec.
73.55(i)(6). The Commission received several comments to clarify this
lighting requirement. The Commission agrees and Sec. 73.55(i)(6) is
revised to clarify the lighting requirements and identify acceptable
alternatives. The reference to the OCA is removed from this paragraph
as it is duplicative to the reference in Sec. 73.55(b).
The proposed Sec. 73.55(i)(11)(ii) is renumbered as Sec.
73.55(i)(6)(ii). The Commission received several comments to clarify
the pre-existing requirement for 0.2-foot-candle illumination and the
application of low-light technology. Consistent with the proposed rule,
the current 0.2-foot-candle illumination requirement is explicitly
retained as the minimum standard for illumination levels at nuclear
power reactor facilities. However, Sec. 73.55(i)(6)(ii) is revised to
clarify and introduce the use of low-light technology to supplement the
facility lighting scheme and to provide the flexibility needed for
licensees to use low-light technology. The rule requires that licensees
will ensure that lighting levels either meet the 0.2-foot-candle
requirement, or employ low-light technology to ensure the protective
strategy can be implemented effectively.
Section 73.55(j), Communication Requirements. The Commission has
made no significant changes to Sec. 73.55(j). The Commission received
a comment that proposed Sec. 73.55(j)(1), which would require the
maintenance of continuous communication with offsite resources, was
without a basis. The commenter argued that the ability to maintain such
communication is beyond the ability of licensees. The Commission
disagrees. This requirement is retained from the pre-existing Sec.
73.55(f)(3) and remains unchanged. The rule requires that each licensee
security organization maintains continuous communication with local law
enforcement authorities and onsite personnel.
The Commission received a comment that proposed Sec.
73.55(j)(4)(iii), regarding the licensee's communication system, is not
appropriate for escorts. The Commission agrees and Sec. 73.55(j) is
revised to address the specific communication requirements of personnel
or entities requiring communications and communication systems to be
employed to meet the requirement. The rule requires that vehicle
escorts are provided by the licensee with the appropriate means to call
for assistance when needed. The final rule does not require a specific
form of communication media, and therefore, it is the responsibility of
each licensee to determine the appropriate communication media for
their site which may or may not include the use of hand-held radios,
public address systems, intercoms, etc.
[[Page 13945]]
The Commission received a comment that proposed Sec. 73.55(j)(6),
which would have required the licensee to identify and establish
alternative communication methods for areas of its facility where
communication could be interrupted or not maintained, was without a
basis, and would be virtually impossible to implement given a power
plant's reinforced concrete construction and trip sensitive equipment.
The Commission disagrees and believes that the commenter misinterpreted
the Commission's intent. A condition as described in the rule, if
present at a site, must be identified and accounted for to satisfy the
pre-existing Sec. 73.55(f)(1) requirement for continuous
communication. However, the Commission does not intend to require that
such conditions be ``fixed'' but rather that the licensee compensate
for this condition as needed and appropriate for their site-specific
considerations.
Section 73.55(k), Response Requirements. The proposed Sec. Sec.
73.55(k)(1)(ii) and (iii), regarding the training and qualification of
armed responders and the availability of certain equipment, are deleted
from the final rule. These requirements are sufficiently addressed in
the final rule in appendix B to part 73 and appendix C to part 73 and,
therefore, are redundant.
The proposed Sec. 73.55(k)(1)(iv), regarding training for assigned
weapons, is renumbered as Sec. 73.55(k)(2). The Commission determined
that the proposed Sec. 73.55(k)(3)(iv) is redundant to this
requirement and has revised Sec. 73.55(k)(2) to clarify performance
criteria.
The proposed requirement in Sec. 73.55(k)(1)(v) regarding weapons
training and qualification of armed responders is deleted from the
final rule because it is redundant to the requirements set forth in
appendix B to part 73.
The proposed Sec. 73.55(k)(3) is renumbered as Sec. 73.55(k)(4).
The final rule Sec. 73.55(k)(4) is clarified to delineate the duties
of armed responders and armed security officers. Section 73.55(k)(5) is
added to retain the pre-existing requirement, described in former Sec.
73.55(h)(3), for the minimum number of armed responders required to be
immediately available at the facility to fulfill response requirements.
The rule requires that each licensee will determine the specific
minimum number of armed responders needed to protect their facility and
that under no circumstances will that minimum number be less than 10
inside the PA and available at all times.
The proposed Sec. 73.55(k)(3)(iii) and (iv) are deleted from the
final rule. The Commission concluded that these proposed requirements
are redundant to the final rule appendix B to part 73 and Sec.
73.55(n)(1)(i), respectively.
The proposed Sec. 73.55(k)(6) regarding licensee personnel being
trained to understand their roles during security incidents, is deleted
from the final rule. The Commission has determined that this
requirement is more appropriate for site procedures and has deleted it
from the final rule.
The proposed Sec. 73.55(k)(7)(iv) is renumbered as Sec.
73.55(k)(8)(iii). The Commission received a comment that it does not
have a basis to require licensee notification of offsite agencies other
than local law enforcement upon receipt of an alarm or other threat
notification. The Commission generally agrees that the requirement is
not necessary. Section 73.55(k)(8)(iii) is revised to specify that
licensees must notify local law enforcement only in accordance with
their site procedures. However, as noted below, some licensees have
established liaison with non-local law enforcement agencies including
State or Federal. To the extent that these arrangements are noted in
those licensees' site procedures, the rule would require their
notification.
The proposed Sec. 73.55(k)(8) is renumbered as Sec. 73.55(k)(9).
The Commission received a comment that it does not have a basis to
require licensees to obtain liaison agreements with agencies other than
local law enforcement. The Commission disagrees with this comment but
has clarified the rule. In some instances, licensees have arrangements
with agencies not considered ``local law enforcement'' such as Federal
or State law enforcement agencies. It is, therefore, an appropriate
update to the regulatory framework to include the possibility of State
and Federal law enforcement agencies as well as local law enforcement
to account for sites whose local law enforcement are State or Federal
agencies. However, such agreements are not required by the rule.
Further, the Commission acknowledges that in some cases a local, State,
or Federal law enforcement agency cannot or will not enter into a
written agreement with a licensee, and in such cases the Commission's
expectation is that the licensee will make a reasonable effort to
pursue liaison with these agencies to the extent practicable and that
this liaison is documented.
The proposed appendix C to part 73, section II, paragraph (k),
``Threat Warning System,'' paragraph (k)(1), (k)(2), and (k)(3) are
moved and renumbered as Sec. 73.55(k)(10), paragraph (k)(10)(i), and
paragraph (k)(10)(ii). The Commission concluded that these requirements
are better presented in the regulatory framework for the physical
protection program. The rule requires that the licensee will pre-plan
specific enhancements to their physical protection program to be taken
upon notification by the NRC of a heightened threat environment.
Section 73.55(l), Facilities Using Mixed-Oxide (MOX) Fuel
Assemblies Containing up to 20 Weight Percent Plutonium Dioxide
(PuO2). The Commission received a comment that through this
proposed rulemaking, the NRC is ignoring the Atomic Safety and
Licensing Board's (ASLB) decision in the Catawba case. The commenter
stated that, in that case, the ASLB added security conditions to Duke
Energy's proposed security plan at Catawba and that one of the ASLB's
conditions is not in the proposed rule. The Commission disagrees with
this assertion. In fact, the Commission specifically rejected the
ASLB's imposition of additional license conditions for the use of MOX
fuel and affirmed the staff's conclusion that the additional security
measures provided by the licensee would provide reasonable assurance of
the protection of public health and safety in light of the theft risk
presented by the use of MOX fuel (Duke Energy Corp. (Catawba Nuclear
Stations, Units 1 and 2), CLI-05-14, 61 NRC 359 (2005)). The Catawba
license amendments were issued on March 3, 2005 (70 FR 11711; March 9,
2005). The requirements described in Sec. 73.55(l) are consistent with
the physical protection program enhancements that were applied to the
Catawba facility. Section 73.55(l) is revised to clarify that those
licensees choosing to use MOX fuel assemblies must implement additional
measures designed to prevent theft or diversion of un-irradiated MOX
fuel assemblies in addition to protecting the power reactor facility
against the design basis threat of radiological sabotage.
The Commission received a comment that the NRC did not define MOX
fuel in the proposed rule (with regard to concentration, weight, or any
other physical property), and suggested that this is necessary. The
Commission agrees, and Sec. 73.55(l) is revised to specify the maximum
percent weight of plutonium dioxide allowed within a MOX fuel assembly
and that the use of MOX fuel assemblies with percent weights greater
than 20 weight percent plutonium dioxide require unique and separate
approval from the Commission. In such cases, licensees would be
required to submit a license amendment
[[Page 13946]]
request, and the Commission would consider additional security measures
as necessary. Section 73.55(l)(3)(v)(B) is also revised to clarify the
number of physical barriers required for protection of un-irradiated
MOX fuel assemblies. Physical protection of un-irradiated MOX fuel
assemblies requires three physical barriers of which the water
contained within the spent fuel pool is the third barrier.
Finally, the commenter disagreed with the fact that the proposed
rule language did not make a distinction between the security applied
to a small number of MOX lead test assemblies and the security applied
to a large number of assemblies. The Commission disagrees that such a
distinction is necessary in the rule. Because the Commission considers
only one part of one assembly to be the goal quantity of a theft
scenario and because theft of only a portion of the fuel in one
assembly would be considered failure, no additional protection would be
added by distinguishing between multiple additional assemblies. The
physical protection program requirements specified in Sec. 73.55(l)
are appropriate for any quantity of unirradiated MOX fuel assemblies
that are less than or equal to 20 weight percent plutonium dioxide and
may be on-site at any time.
Section 73.55(m), Security Program Reviews. The proposed Sec.
73.55(m) for ``Digital computer and communication systems and
networks'' is relocated to a stand-alone section (10 CFR 73.54). The
Commission has determined that these requirements are best addressed as
a stand-alone section similar to the requirements for an access
authorization program.
The proposed Sec. 73.55(n) is renumbered as Sec. 73.55(m) to
account for the renumbering of the proposed Sec. 73.55(m) as 10 CFR
73.54.
The proposed Sec. Sec. 73.55(n)(1) and (n)(1)(ii) are combined and
renumbered as Sec. 73.55(m)(1). The Commission received a comment to
clarify the periodicity of audits and reviews required by proposed
Sec. 73.55(n)(1). Section 73.55(m)(1) is revised to clarify
periodicity. The rule requires that each licensee will review their
physical protection program to determine if the programmatic
requirements established are being implemented. The rule also requires
that each licensee will review the physical protection program to
determine if the physical protection program effectively meets
Commission requirements. The licensee must ensure that all components
or elements of the physical protection program are reviewed at
intervals no less than every 24 months. However, the Commission has
concluded that licensees must also review individual components or
elements of the physical protection program no later than 12 months
following a significant change to site-specific conditions, equipment,
personnel, or other performance indicators.
The proposed Sec. Sec. 73.55(n)(3) and (4) are deleted because
these requirements are redundant to the requirement to review the
physical protection program at intervals not to exceed 24 months.
The proposed Sec. 73.55(n)(5) is deleted because it is redundant
to the final rule Part 73, appendix B, Section VI, for the performance
evaluation program.
The proposed Sec. 73.55(n)(8) is deleted because the requirements
for the site corrective action program as stated in Sec. 73.55(b)(10)
address all issues, not just findings from reviews, audits, etc. as
stated in the proposed rule.
The proposed Sec. 73.55(n)(9) is deleted because this provision
does not apply to reviews and audits addressed herein and is limited to
only the conduct of training program requirements addressed in part 73,
appendix B, Section VI.
Section 73.55(n), Maintenance, Testing, and Calibration. The
proposed Sec. 73.55(o) is renumbered as Sec. 73.55(n) to account for
the renumbering of the proposed Sec. 73.55(m) to a stand-alone section
(10 CFR 73.54).
The proposed Sec. 73.55(o)(1)(i) is renumbered as Sec.
73.55(n)(1)(i). The Commission received a comment asking who determines
the ``predetermined intervals'' in which testing and maintenance are
required. The predetermined intervals for maintenance, calibration, and
performance testing of equipment are specified by manufacturer
specifications and the NRC. The Commission has concluded that specific,
pre-determined intervals for operability testing are required to ensure
that certain equipment is capable of performing its intended function.
Section 73.55(o), Compensatory Measures. The proposed Sec.
73.55(p) is renumbered as Sec. 73.55(o) to account for the renumbering
of proposed Sec. 73.55(m) for cyber security requirements to a stand-
alone Sec. 73.54.
Section 73.55(p), Suspension of Security Measures. The proposed
Sec. 73.55(q) is renumbered as Sec. 73.55(p) to account for the
renumbering of proposed Sec. 73.55(m) for cyber security requirements
to a stand-alone Sec. 73.54.
The Commission received a comment that proposed Sec.
73.55(q)(1)(ii) requires that a licensed senior operator approve the
suspension of safeguards measures. The commenter suggested that
approval from a licensed senior operator was excessive and that the
rule should be revised to permit approval by the ``on shift operations
manager.'' The Commission disagrees and finds that approval by a
licensed senior operator is appropriate for all suspensions of security
measures pursuant to Sec. 73.55(p). The allowance for suspensions of
security measures for severe weather conditions is based on the pre-
existing Sec. Sec. 50.54(x) and (y) which explicitly requires, at a
minimum, approval by a licensed senior operator. Under this provision,
the security supervisor recommends when security measures must be
suspended; and, consistent with the pre-existing Sec. Sec. 50.54(x)
and (y), a licensed senior operator must, at minimum, approve that
decision to ensure that other operational and safety concerns have been
fully considered and that there will be no adverse affects or undue
risk to the public health and safety as a result of the suspension.
Refer to NRC Regulatory Issue Summary 2008-26 ``Clarified Requirements
of Title 10 of the Code of Federal Regulations (10 CFR) Section
50.54(y) When Implementing 10 CFR Section 50.54(x) to Depart from a
License Condition or Technical Specification,'' dated October 29, 2008
(ML080590124), for further discussion of the requirements associated
with which licensee personnel may approve licensee departures from
license conditions or technical specifications.
The proposed Sec. 73.55(q)(4) is deleted because the requirement
to report the suspension of safeguards measures is redundant to Sec.
73.71 and is sufficiently addressed in Sec. 73.55(p)(3).
Section 73.55(q), Records. The proposed Sec. 73.55(r) is
renumbered as Sec. 73.55(q) to account for the renumber of proposed
Sec. 73.55(m) for cyber security requirements to a stand-alone section
(10 CFR 73.54). The proposed Sec. 73.55(d)(5) is renumbered as Sec.
73.55(q)(3) to retain the requirement for retention of security force
contracts as a record for the duration of the contract and retention of
superseded portions for three years following changes to that contract.
Section 73.55(r), Alternative Measures. The proposed Sec. 73.55(s)
is deleted because it is redundant to Sec. 73.58. The Commission has
determined that safety/security interface is a stand-alone section, the
applicability of which is adequately addressed in Sec. 73.58 and need
not be referenced in Sec. 73.55 to ensure clarity or applicability.
[[Page 13947]]
The proposed Sec. 73.55(t) is renumbered as Sec. 73.55(r) to
account for the renumbering of the proposed Sec. 73.55(m) for cyber
security requirements to a stand-alone section (10 CFR 73.54) and the
deletion of proposed Sec. 73.55(s) ``Safety/security interface.''
Section 73.55(r) represents the same set of requirements that were
described in former Sec. 73.55(a), which stated, in part, ``the
Commission may authorize an applicant or licensee to provide measures
for protection against radiological sabotage other than those required
by this section * * *.'' That provision had been known as the
``alternative measures'' provision although that specific phrase did
not appear in the rule text. The final rule codifies that phrase as it
relates to this process, but the requirements of seeking and obtaining
approval for an ``alternative measure'' essentially remains as it had
been set forth in the existing rule.
F. Section 73.56, Personnel Access Authorization Requirements for
Nuclear Power Plants
General Comments. Section 10 CFR 73.56, the Commission has revised
the proposed rule text and associated statement of considerations to
(1) address over 180 pages of the comments received on the proposed
rule, (2) provide additional clarifications and specifications, and (3)
correct errors. The following provides a brief explanation of the
significant changes to the proposed rule and the Commission's responses
to the comments.
The Commission received numerous comments on the proposed rule as a
result of unclear descriptions or inconsistent use of the roles and
responsibilities of licensees, applicants, and contractors or vendors
and the phrases ``grant unescorted access'' and ``authorize unescorted
access authorization.''
In response to the comments received and suggestions implicit in
the comments received on various provisions in the proposed rule, the
Commission improved the clarity and precision of the final rule by
providing the following clarification in the statement of consideration
for Sec. 73.56(a). First, the Commission replaced the phrases
``unescorted access authorization'' and ``access authorization'' with
the phrases ``unescorted access'' and/or ``unescorted access
authorization'' to correct misuse and misinterpretation of the rule.
Second, the Commission replaced the term ``grant'' associated with
``unescorted access authorization'' and ``access authorization'' with
the terms ``grant'' and/or ``certify.'' Finally, the Commission made
several revisions in order to provide clarification and/or
specifications on the roles and responsibilities of licensees,
applicants, and contractors or vendors.
Additionally, the Commission revised paragraphs (a)(4) and deleted
(a)(5) in the final rule to define and to provide clarification and
specification on the roles and responsibilities of licensees,
applicants, and contractors or vendors. Throughout the final rule, the
Commission revised the proposed rule text to reflect the above
clarifications and specifications.
Throughout the proposed rule text, the Commission received comments
that some of its statements in the proposed rule regarding the
accessibilities and capabilities of the information-sharing mechanism
that the industry is currently using to comply with the Commission's
requirements were incorrect. Specifically, commenters noted that the
information-sharing mechanism used by the industry does not contain
records, but rather it contains data representative of the records that
are accessed and controlled by licensees, applicants, and certain
contractors or vendors. The Commission agrees with the received
comments and revised the final rule to clarify that use of an
information-sharing mechanism is not a requirement; rather it is the
sharing of specific access authorization information with the other
licensees subject to this section that is required in accordance with
Sec. 73.56(o)(6).
Section 73.56(a), Introduction. The Commission deleted proposed
paragraphs (a)(2) and (a)(3) pertaining to the submission of access
authorization program amendments for Commission approval and the
continued implementation of the access authorization program under
current requirements in the final rule as those requirements have been
incorporated in Sec. 73.56(a)(1).
Section 73.56(b), Individuals Subject to the Access Authorization
Program. Commenters stated that proposed paragraph (b)(1)(ii) does not
contain a necessary provision that allows for short-term escorted
digital access and addresses access authorization requirements for an
individual accessing emergency response components that include
commercial facilities that are not subject to access authorization
requirements. The Commission disagrees with the recommended rule
requirements. The Commission finds that these comments are beyond the
scope of this rule because this section specifically provides for
requirements for unescorted access and unescorted access authorization
for protected and vital areas of nuclear power plants and to these
entities only. This section does not cover escorted digital access;
however, cyber security requirements are covered in Sec. 73.54.
Therefore, the NRC did not make any revision to the rule text.
Section 73.56(c), General Performance Objective. The Commission
received comments that the requirements set forth in proposed Sec.
73.56(d)(3) regarding identity verification requirements, did not
properly consider the North America Free Trade Agreement, which allows
Canadian citizens performing certain services to enter the United
States without either an alien registration or an I-94 Form. The
commenters also stated that the proposed rule text incorrectly allowed
contractors or vendors to evaluate the results of fingerprinting
required under Sec. 73.57. The Commission agrees with the received
comments and revised the proposed rule text to allow licensees and
applicants to use an alien registration or an I-94 Form to verify the
identity of a foreign national. Additionally, the NRC deleted the
requirement that required contractors or vendors to evaluate the
results of fingerprinting required under Sec. 73.57, and now only
licensees or applicants may do so.
The Commission received comments that the phrase, ``full credit
history evaluation'' stated in proposed Sec. 73.56(d)(5) needs
additional clarification and specification by providing a time period
for credit history. The comments also stated that fraud check should be
deleted from credit history checks and that credit history checks, or
other financial documentation, should be required for foreign nationals
in the final rule. The Commission agrees in part and disagrees in part
with the comments. The Commission disagrees with specifying the time
period for a credit history evaluation and deleting fraud checks from
the credit history check as the Commission notes that the requirements
set forth in this paragraph are consistent with the requirements set
forth in the 2003 order and with current industry practice. Further,
the full credit history evaluation requirements reflect the
Commission's intent that all financial information available through
credit-reporting agencies is to be obtained and evaluated because it
has the potential to provide highly pertinent information. However, the
Commission agrees with the commenter that the requirement should
address credit history checks of foreign nationals. The Commission
[[Page 13948]]
recognizes that certain foreign nationals' host countries may not have
routinely accepted credit reporting mechanisms, and therefore, the
Commission revised the final rule text to allow multiple sources of
credit history that could potentially provide information about a
foreign national's financial record and responsibility, not limited to
routinely accepted credit reporting mechanisms.
The Commission revised proposed Sec. 73.56(d)(7) to distinguish
the criminal history records check requirements for those individuals
who are expected to have unescorted access or unescorted access
authorization. Individuals who are expected to have unescorted access
must have a criminal history records check in accordance with the
requirements of 10 CFR 73.57. However, the NRC cannot obtain a criminal
history records check in accordance with Sec. 73.57 for individuals
not expected to have unescorted access because Section 149 of the AEA
limits the NRC's ability to obtain fingerprints from those individuals.
Instead, a criminal history records check of those individuals not
expected to have unescorted access will be obtained in accordance with
Sec. 73.56(k)(1)(ii).
Section 73.56(e), Psychological Assessment. The Commission received
comments that the term ``clinical'' should be removed from the phrase
``a licensed clinical psychologist or psychiatrist'' in proposed Sec.
73.56(e)(1) pertaining to qualifications for psychologists or
psychiatrists who conduct psychological assessments for trustworthiness
and reliability. The commenter stated that psychologists or
psychiatrists are licensed by states. However, some states might not
issue licenses using the term ``clinical'' psychologists or
psychiatrists. The Commission agrees with the comment and deleted the
term ``clinical'' because the focus is on a psychologist or
psychiatrist who has adequate experience, and that focus should not be
limited by a particular term that some states may not use in their
licensing procedures.
The Commission received comments that because proposed Sec.
73.56(e)(2) would have required psychologists and psychiatrists to
follow the ethical principles established by the American Psychological
Association or American Psychiatric Association, the proposed
regulation would limit the pool of available licensed and qualified
psychologists and psychiatrists who can perform the required
psychological assessments because these ethical principles might
deviate from the ethical principles established by the states that
license them and conflict with the requirements in proposed Sec.
73.56(e)(3), which requires licensed psychologists and psychiatrists to
have a face-to-face interview with an individual only after the
individual surpasses predetermined thresholds on a psychological test.
The commenter stated that Sec. 73.56(e)(3) is, therefore, in conflict
with the (e)(2) requirement to follow accepted ethical principles since
part of the American Psychological Association's Ethical Principles and
Code of Conduct mandates that psychologists interview in light of the
research on or evidence of the usefulness of interviewing and would
deviate from the ethical principles established by the American
Psychological Association or American Psychiatric Association if it
requires a psychological assessment that is not supported by research
and for which the assessors are not properly trained.
The Commission disagrees with these comments. For the first
comment, the Commission noted that the ethical principles established
by the American Psychological Association or American Psychiatric
Association specifically address the issues raised. These ethical
standards require psychologists and psychiatrists to comply with the
requirements of laws, regulations (including the requirements in
section 73.56), or other governing legal authorities. Thus, the
requirements set forth in this section do not deviate from the States'
licensing requirements.
In response to the second comment, the Commission disagrees that
Sec. Sec. 73.56(e)(2) and (e)(4) are contradictory because Section
1.02 of ``Ethical Principle of Psychologists and Code of Conduct''
addresses this issue and states that, if a psychologist's ethical
responsibilities conflict with law, regulations, or other governing
legal authority, psychologists would have to take steps to resolve the
conflict but must in any event adhere to the requirements of the law,
regulations, or other governing legal authority.
In response to the third comment regarding sufficient demonstrated
ability of psychological tests to help in the trustworthiness and
reliability determination, the Commission directed the commenter to the
considerable bodies of research in this area and pointed out a long
track record of intelligence and other agencies that have used the
Minnesota Multiphasic Personality Inventory--2 (MMPI-2) as well as
other personality tests for this purpose. Additionally, the Commission
noted that a psychological assessment is only one of many access
authorization program elements that licensees and applicants use for
determining an individual's trustworthiness and reliability.
However, agreeing in part with the last comment, the Commission
revised proposed Sec. 73.56(e)(1) in the final rule to require
psychologists or psychiatrists to be appropriately trained. Finally,
the Commission is confident that the results of psychological testing,
combined with the results of other access authorization program
elements, will yield high assurance regarding an individual's
trustworthiness and reliability.
The commenters stated that proposed Sec. 73.56(e)(3) should be
revised to allow psychiatrists or psychologists to establish
predetermined thresholds appropriate to the test and the target
population that would be applied in interpreting the results to
identify whether an individual shall be interviewed under Sec.
73.56(e)(4)(i) of this section and interview the individual without
administering the psychological test.
However, another commenter stated that establishing predetermined
thresholds for the psychological test is not sufficient for
establishing consistency among these psychological assessments. That
commenter stated that psychologists or psychiatrists who perform
psychological assessments must be properly trained. The Commission
agrees with the first comment and revised the final rule to state that
psychiatrists or psychologists shall establish the predetermined
thresholds for each scale to determine whether an individual shall be
interviewed. The Commission notes that it is appropriate and consistent
with current professional practice for psychiatrists or psychologists,
rather than the industry, to establish these threshold levels. However,
the Commission disagrees with the second comment because the
established thresholds for each scale must be applied equally and
fairly to all individuals subject to the psychological assessment
requirement, so a psychiatrist or psychologist may not waive this
requirement in favor of an interview. Finally, the Commission agrees in
part with the last comment and revised Sec. 73.56(e)(1) to require
that psychologists and psychiatrists be properly trained to ensure
consistency among assessments.
The Commission received comments that proposed Sec. 73.56(e)(5)
would be too limiting and prescriptive in that it would make the
reviewing official the focal point of a medical evaluation when
licensees or applicants discover pertinent medical-related information
about an individual who is being evaluated during an initial
psychological assessment. One
[[Page 13949]]
commenter recommended that the Commission revise the proposed paragraph
to avoid premature involvement of reviewing officials and therefore
allow knowledgeable professionals to complete their evaluations and
develop recommendations regarding the individual before involving the
reviewing official. The Commission agrees with the commenters and
revised the final rule to allow evaluation of the discovered medical
information before reporting to the reviewing official.
While developing a response to the comments received in item 11
above, the Commission added Sec. 73.56(e)(6) to address situations
during a psychological reassessment where a psychologist or
psychiatrist discovers any information, including a medical condition,
that could adversely impact the fitness for duty, trustworthiness, or
reliability of those individuals who are granted unescorted access or
certified unescorted access authorization. The psychologist or
psychiatrist must promptly inform the reviewing official, or the
appropriate medical personnel, of this discovery to ensure that
information is evaluated to determine that each person is trustworthy
and reliable.
Section 73.56(f), Behavioral Observation. The Commission received
comments that proposed Sec. Sec. 73.56(f)(3) and (g) should be revised
to allow individuals to report any concerns arising from a behavioral
observation program or reportable legal actions to the reviewing
official, the individual's supervisor or other management personnel
designated in their site procedures. The Commission agrees. The
Commission finds that individuals should be given options, with minimal
restrictions, regarding to whom they can report any concerns that arise
from a behavioral observation program or reportable legal actions by
allowing an individual to report to the reviewing official, the
individual's supervisor or other management personnel. However, if the
recipient of the report is someone other than the reviewing official,
that person must promptly convey the report to the reviewing official,
who shall determine whether to maintain, administratively withdraw, or
unfavorably terminate the reported individual's unescorted access or
unescorted access authorization status.
Section 73.56(h), Granting Unescorted Access and Certifying
Unescorted Access Authorization. To increase clarity in the
organizational structure of the requirements set forth in Sec.
73.56(h), the Commission reorganized Sec. Sec. 73.56(h)(1), (h)(2),
(h)(8), (h)(9), and (h)(10) to (h)(5), (h)(6), (h)(1), (h)(2), and
(h)(3), respectively, in the final rule. Additionally, the Commission
incorporated proposed Sec. Sec. 73.56(h)(3), (h)(4), (h)(5), (h)(6),
and (h)(7) into Sec. 73.56(h)(4). The NRC has added the last two
sentences in Sec. 73.56(h)(4)(ii) to correct errors in proposed Sec.
73.56(h)(3), which incorrectly listed reinstatement requirements for
those individuals who last held unescorted access or unescorted access
authorization that was terminated under favorable conditions within the
past 30 days.
The Commission received two comments that proposed Sec.
73.56(h)(8), stipulating the determination basis, needs to be revised
to allow licensees to deny unescorted access to an individual as soon
as the reviewing official receives information that would warrant such
a decision even if the reviewing official has at that point not
acquired all the information required by proposed Sec. 73.56. The
Commission agrees with the comment and revised Sec. 73.56(h)(1)(ii) to
reduce unnecessary regulatory burden by providing licensees and
applicants the flexibility to terminate the process upon receipt of
disqualifying information.
The Commission received two comments that proposed Sec.
73.56(h)(10) should be revised to require the initial access
authorization process for assessing individuals who have been in an
access-denied status and prevent licensees who possess derogatory
information about individuals from allowing those individuals any
access, whether unescorted or escorted, to their protected areas.
The Commission agrees with the first comment and revised the final
rule to delete reference to a re-instatement procedure by the licensee
and to require that the initial access authorization process be used
for adjudicating the access denied status consistent with current
licensee practices. The Commission disagrees with the second comment.
The Commission's unescorted access requirements do not contain specific
prescriptive disqualifiers for access; nor does the Commission believe
it is prudent to add any. Licensees are required by Sec. 73.56(h) to
consider all of the information obtained in the background
investigation as a whole in determining whether an individual is
trustworthy and reliable before granting unescorted access. There is no
particular piece of information that would automatically disqualify an
individual from access. Furthermore, the commenter's suggestion that
when licensees ``possess'' or ``come across'' such derogatory
information the individual should be prevented from having any access
is unworkable from a regulatory perspective. In order to avoid
potential enforcement action, a licensee would be put in a position to
conduct a full background investigation on an individual, which would
undermine the entire purpose behind having the ability to escort
visitors on site. The Commission does not see a basis to impose such a
measure. The Commission has concluded that the requirements set forth
in this section sufficiently address denial of unescorted access or
unescorted access authorization based upon receipt of disqualifying
information. The requirements for granting escorted access to visitors
are sufficiently addressed in 10 CFR 73.55.
Section 73.56(i), Maintaining Unescorted Access or Unescorted
Access Authorization. The Commission received three comments that
proposed Sec. 73.56(i)(1)(iv) should be revised. Commenters indicated
that the Commission made improper reference to licensees' and
applicants' Physical Security Plan for details about the Behavior
Observation Program, should replace the term ``interview'' with the
term ``review'' when referring to the ``annual supervisory review''
under which all individuals must undergo, and should use an ``annual''
supervisory review period rather than the phrase ``nominal 12 months.''
The Commission agrees with the first comment and revised the final
rule to replace reference to the Physical Security Plan with reference
to a licensee's Behavior Observation Program because details about the
Behavior Observation Program, such as the annual supervisory review,
are not found in the Physical Security Plan but rather in the
licensee's Behavior Observation Program documents. The Commission
agrees in part with the second comment regarding the use of the annual
supervisory review or interview, when applicable. All individuals must
be subject to an annual supervisory review, and the Commission added
the requirement that an individual be subject to a supervisory
interview if his/her supervisor has not had frequent interaction with
and observation of the individual throughout the review period. The
Commission notes that not all supervisors have sufficient information
about all of their employees due to current workforce practices and
trends making close interaction between supervisors and their employees
less common and difficult to achieve. Therefore, the Commission added
the interview requirement to ensure that supervisors have an adequate
basis to
[[Page 13950]]
make an informed and reasoned opinion regarding an individual's
behavior, trustworthiness, and reliability. Finally, the Commission
agrees that the term ``annual'' should be used instead of ``nominal 12-
month'' supervisor review as ``annual'' is the established component of
industry practice.
The Commission received comments that the 5-year psychological
reassessment requirements for individuals who are granted unescorted
access or certified unescorted authorization in the proposed Sec.
73.56(i)(1)(v)(A) deviates from current practice and imposes
significant cost to the licensee with minimal benefits. The Commission
agrees in part regarding the proposed 5-year psychological
reassessments. The Commission agrees that requiring a psychological re-
evaluation as part of the 5-year review for all individuals maintaining
unescorted access or unescorted access authorization status will add
significant and unnecessary costs, deviates from pre-existing
requirements, and provides minimal benefits. Therefore, the Commission
revised the final rule to limit the group of individuals who are
subjected to 5-year psychological reassessments to those individuals
who perform the job functions described in Sec. 73.56(i)(1)(v)(B). The
Commission believes these individuals should have a re-assessment on a
periodic basis.
The Commission received comments that the requirement set forth in
proposed Sec. 73.56(i)(1)(v)(B), requiring the reviewing official to
complete an evaluation of the criminal history update, credit history
re-evaluation, psychological re-assessment, and the supervisory review
within 30 calendar days of initiating any one of these elements,
deviates from current practice as industry does not conduct these
evaluations concurrently. The Commission agrees in part with the
comment and revised Sec. 73.56(i)(1)(v)(C) in the final rule to state
that only the credit history review and the criminal history review are
to be completed within 30 calendar days of each other to be consistent
with current industry practice. Because the purpose of the re-
evaluation is to provide a re-assessment based on a collective review
of data at a point in time and because a credit history review and a
criminal history review can be completed collectively within a small
number of days, the Commission has retained this 30 calendar day
requirement.
Section 73.56(k), Background Screeners. The Commission received
comments that Sec. 73.56(k)(2)(ii), regarding criminal history checks
for access authorization program screening personnel, should be revised
to allow licensees and applicants to use the criminal history check
required by proposed Sec. 73.56(d)(7) in lieu of a local criminal
history review. The Commission agrees with the comments and revised the
proposed rule text in the final rule to allow the flexibility of using
either criminal history check process for individuals who are subject
to the requirement because of a need for unescorted access or
unescorted access authorization.
Section 73.56(m), Protection of Information. The Commission
received comments that proposed Sec. 73.56(m)(3), pertaining to
providing information on denial or unfavorable termination of access
determinations to authorized personnel, did not describe a means for
licensees (1) to verify whether a representative who requests the
reasons for denying its client's unescorted access is legitimate and
(2) to protect the sources of the derogatory information. The
Commission agrees with the received comments and revised Sec.
73.56(m)(2) of the final rule to specify that representatives must be
designated by the individual in writing and that personal privacy
information, including information pertaining to the source, may be
redacted. The Commission concluded that these requirements are
necessary to provide the regulatory framework to ensure the protection
of personal information.
Section 73.56(n), Audits and Corrective Action. The Commission
received comments that proposed Sec. 73.56(n)(5), which would have
required the audit team to include a person who is knowledgeable and
practiced with meeting access authorization program performance
objectives, is not appropriate for contractors or vendors. The
commenters stated that the contractor or vendor audit team may not have
such a person who is knowledgeable of and practiced with meeting
authorization program performance objectives and requirements. The
Commission disagrees. This requirement applies to licensees and
applicants who are responsible for meeting the requirements of this
section. The rule requires that licensees and applicants will perform
audits of their access authorization program to include those program
elements that are provided by contractors and vendors.
The Commission received comments on proposed Sec. 73.56(n)(6) that
it would not be consistent with appendix B to 10 CFR part 50 of this
chapter, regarding who should receive the audit report. The Commission
agrees and revised the final rule Sec. 73.56(n)(6) to require that
audit results be provided to senior management having responsibility in
the area audited and to management responsible for the access
authorization program to ensure proper disposition and oversight of
issues identified during the conduct of audits.
G. Section 73.58, Safety/Security Interface Requirements for Nuclear
Power Reactors
The Commission did not make substantial changes to the final rule
requirements for Sec. 73.58. In response to comments, the Commission
clarified the supporting section-by-section analysis for Sec. 73.58.
The principal concern expressed by stakeholders was that the proposed
Sec. 73.58 provisions appeared to require implementation of broad new
programmatic requirements, and that it did not appear that the NRC had
sufficiently credited existing Commission required programs. It is not
the intent of this new requirement to impose new programmatic
requirements on licensees. If current programs and procedures are in
place to enable the safety/security interface to be assessed and
managed, the Commission expects that licensees would make maximum use
of such programs. The Commission does not believe it is necessary to
credit these existing programs in the rule. Instead, it intends to
address the crediting of existing programs in supporting regulatory
guidance. In response to public comment that expressed confusion as to
the Commission's basis for imposing the new Sec. 73.58 requirements,
the Commission clarified the final rule section-by-section analysis for
Sec. 73.58 to indicate that the new requirement is being added to part
73 as a cost-justified, substantial, safety enhancement per Sec.
50.109(a)(3) and in response to PRM-50-80.
H. Appendix B to Part 73, General Criteria for Security Personnel
The Commission received comments on the proposed title of appendix
B, section VI, which indicated that the title did not specify the
applicability of this appendix to security personnel. The Commission
agrees. The title of section VI of this appendix is revised to
``Nuclear Power Reactor Training and Qualification Plan for Personnel
Performing Security Program Duties'' in the final rule to reflect the
members of the security organization and other facility personnel that
may be trained and qualified to perform security-related duties at an
NRC-licensed nuclear power reactor facility.
Appendix B, Section VI.A.I. The Commission received comments on
this
[[Page 13951]]
paragraph that stated the proposed requirement could be broadly
interpreted to apply to many varied licensee positions. The Commission
agrees. The final rule is revised to clarify that the intent of this
requirement is to ensure that all individuals who perform physical
protection and/or contingency response duties within the security
program meet the minimum training and qualification requirements for
their assigned duties as specified within this appendix and the
Commission-approved training and qualification plan. The word
``individuals'' is used to capture members of the security organization
as well as those facility personnel who are assigned to perform
physical protection and/or contingency response duties within the
security program. Facility personnel performing physical protection
duties such as vehicle escort and materials search are included in the
context of this paragraph and the paragraphs throughout this appendix
where the word ``individuals'' is used, and is not preceded or followed
by phrasing that specifically identifies members of the security
organization. Facility personnel performing physical protection duties
need only meet the minimum training and qualification requirements for
the specific duty assigned in accordance with this appendix and the
Commission-approved training and qualification plan. Where requirements
of this appendix specifically apply to members of the security
organization, the language explicitly identifies this applicability.
Appendix B, Section VI.A.3. The language in this paragraph, and
paragraphs B.2.a(2), B.2.a(4), B.3.c, B.5.a, B.5.b, D.1.a, D.2.a, is
revised from ``members of the security organization'' to
``individuals.'' This revision is necessary to include facility
personnel who are not members of the security organization but have
been trained and qualified in accordance with this appendix and the
Commission-approved training and qualification plan and who are
assigned to perform physical protection duties such as vehicle escort
or material search.
Appendix B, Section VI.B.1.a(3). The language in this paragraph is
revised to remove the phrase ``an unarmed individual assigned to the
security organization'' as the applicability of this requirement is
previously specified in section B.1.a.
Appendix B, Section VI.B.1.a(4). During development of the final
regulations implementing the firearms background checks required under
section 161A of the AEA (42 U.S.C. 2201a), the Commission recognized
that the proposed suitability requirements for security personnel found
in appendix B to part 73, criteria VI.B.1, were not inclusive of the
list of disqualifying criteria found under the Gun Control Act of 1968
(GCA) (see 18 U.S.C. 922(g) and (n)). The GCA mandates that it is
unlawful for individuals who meet these disqualifying criteria to
possess firearms or ammunition. During development of the guidelines
required by section 161A of the EPAct (discussed previously in section
I.D.(a)), the NRC discussed this issue with the U.S. Bureau of Alcohol,
Tobacco, Firearms, and Explosive (ATF) which has responsibility for
regulatory oversight of this statute. The ATF's relevant regulation on
these provisions is found in 27 CFR 478.32.
During these discussions, ATF advised the NRC that it interprets
``any person'' under 18 U.S.C. 922(d) very broadly and that the
prohibition under this paragraph would apply to NRC licensees and
certificate holders. Furthermore, the ATF indicated that this
prohibition would apply to typical licensee or certificate holder
security practices involving the temporary possession of firearms and
ammunition. For example, instances in which a licensee issues firearms
and ammunition to a security officer at the beginning of the officer's
duty shift and the officer then returns the firearms and ammunition to
the licensee at the end of the officer's duty shift would fall under
the restrictions of 18 U.S.C. 922(d).
Consequently, the Commission has revised the language in Criteria
VI.B.1 to remind licensees of their obligation to comply with this
statutory requirement by adding a criterion to the licensee's
employment suitability program for armed security officers. However, to
account for the possibility that the law may change, or future laws may
be enacted affecting this obligation, the final rule is written
generically to maintain flexibility and reduce the potential need to
revise this requirement in future rulemakings. The Commission is not
imposing additional investigatory requirements on licensees. The
Commission's intent is for licensees to consider information collected
as a result of the individual's background investigation for
identification of GCA disqualifying criteria.
In the proposed rule the Commission had set forth proposed
requirements for a firearms background check under Sec. 73.18.
However, and as discussed elsewhere in this document, the Commission is
separating the provisions implementing section 161A of the EPAct 2005,
into a separate rulemaking and intends to relocate the firearms
background check provisions to Sec. 73.19. Consequently, because that
rule may not be issued before this rule or because a licensee may not
otherwise be subject to the firearms background check requirement, this
rule permits a licensee to satisfy the firearms background check
requirement by comparing information obtained during their access
authorization background investigation process with the disqualifying
criteria under the GCA to evaluate whether an individual could be
prohibited from possessing firearms and ammunition. The Commission
notes that a final determination on whether an individual is, or is
not, disqualified from possessing firearms and ammunition can be made
via a Federal firearms background check or an applicable State firearms
check. Furthermore, because this same issue also exists in criteria
I.A.1 of appendix B for armed security personnel at other classes of
NRC licensees and NRC certificate holders, the NRC also is making a
conforming change in criteria I.A.1 of this appendix similar to that
made to criteria VI.B.1 of this appendix.
Appendix B, Section VI.B.1.b. The Commission received comments on
this proposed paragraph that stated this blanket addition of having a
qualified training instructor document the qualifications of
individuals assigned to perform physical protection and/or contingency
response duties will create a huge administrative burden and add
additional cost as processes overseen by other organizations (such as
medical) would now require administration by a qualified training
instructor. The NRC disagrees with this comment. The intent of this
requirement is for the qualified training instructor to be responsible
for the final documentation of each security critical task
qualification as outlined in the Commission-approved training and
qualification plan that is performed by individuals who are assigned
physical protection and/or contingency response duties within the
security program.
Appendix B, Section VI.B.2.a(1). The Commission received a comment
recommending that the phrase ``of assigned security job duties and
responsibilities'' be added to the end of this provision in the final
rule to allow the use of personnel in a limited duty position. The
Commission agrees, and this paragraph is revised in the final rule to
add the phrase ``of assigned security duties and responsibilities'' to
the end of this provision to enable members of the security
organization who are medically disqualified from performing contingency
response duties
[[Page 13952]]
or specific physical protection duties for a period of time to perform
other physical protection duties that would not be affected by the
medical disqualification.
Appendix B, Section VI.B.2.a(4). The Commission received comments
on this proposed paragraph requesting further clarification as it
appears that this requirement for armed and unarmed individuals who are
assigned security duties and responsibilities identified in Commission-
approved security plans and licensee protective strategy and
implementing procedures (to meet the minimum physical requirements
identified in this appendix) is more stringent than the existing
requirement. The commenter specifically expressed the concern that
personnel performing in day-to-day security operations but having
little to no responsibility in an actual response to contingency events
should not be required to meet an increased physical standard. The
Commission disagrees with this comment. The physical standards
associated with this requirement are identified in paragraphs B.2.b
through B.2.f of this appendix within the final rule and reflect the
basic physical requirements to ensure that an individual possesses the
standard acuity levels associated with vision and hearing and that the
individual does not have a medical condition that is detrimental to the
individual's health or the performance of assigned duties. The
standards identified in paragraphs B.2.b through B.2.f are applicable
to all individuals who are assigned to perform physical protection and/
or contingency response duties within the security program to include
non-security organization personnel assigned to perform physical
protection duties such as vehicle escort or material search.
Appendix B, Section VI.B.4.a. The Commission received comments on
this proposed paragraph which stated that this requirement for armed
members of the security organization to be subject to a medical
examination before participating in the physical fitness test is
redundant to the requirement of paragraph B.2.a(2). The NRC agrees in
part. The physical examination discussed in paragraph B.2.a(2) of this
appendix may be used to fulfill this requirement. The rule requires
that an individual's current health status be verified before engaging
in the physical fitness test and that there is no existing medical
condition that would be detrimental to the individual's health when
placed under the physical stress induced by the physical fitness test.
Scheduling the physical fitness test for each armed individual as soon
as possible after the date of the physical examination required by
paragraph B.2.a(2) provides the verification of the individual's
current health status minimizes the possibility of the individual
incurring a medical condition from the time of examination to the time
that the physical fitness test is administered.
Appendix B, Section VI.B.4.b(4). The Commission received comments
that this proposed requirement for a qualified training instructor to
document the physical fitness qualifications of the armed members of
the security organization should allow for the use of a trained medical
professional to attest to the physical fitness qualification. The
Commission disagrees with the comment. The licensed medical
professional is required to conduct the medical examination before the
physical fitness test being administered. The purpose of the
examination is to verify that the individual's current health status is
sufficient to engage in the physical exertion of the test without being
detrimental to the individual's health. The licensed medical
professional provides a certification of the individual's health before
the test but is neither required to administer the physical fitness
test nor to document or attest to the successful completion of the
test. The rule requires that a qualified training instructor documents
the successful completion of the physical fitness test in the
individual's training record and that the documentation of the
completed requirement be attested to by a security supervisor. The
physical fitness test is a performance-based test that is designed to
demonstrate an individual's physical ability to perform assigned
security duties during a contingency event. The test consists of
performing physical activities associated with contingency response
duties that replicate site specific conditions that would be
encountered in the contingency response environment.
Appendix B, Section VI.C.2. The Commission received comments
requesting clarification of the scope of the on-the-job training
requirements. The Commission agrees that the scope of this requirement
should be clarified and has revised this paragraph to describe the
implementation of on-the-job training. The requirement for on-the-job
training is added to ensure that individuals assigned duties to
implement the physical security plan and safeguards contingency plan
possess practical hands-on knowledge, skills and abilities needed to
perform their assigned duties. Beyond the on-the-job training for daily
security program duties, the Commission requires an additional 40 hours
of on-the-job training specific to response to contingency events. The
rule requires that individuals (e.g. response team leaders, alarm
station operators, armed responders, and armed security officers
designated as a component of the protective strategy) assigned duties
and responsibilities to implement the safeguards contingency plan
complete a minimum of 40 hours of on-the-job training specifically
related to the licensee's protective strategy to demonstrate their
ability to apply the knowledge, skills, and abilities required to
effectively perform assigned contingency duties and responsibilities
before assuming those duties.
Appendix B, Section VI.C.3. The Commission received various
comments requesting the relocation of the performance evaluation
program requirements from the proposed part 73, appendix C, section II
to part 73, appendix B, section VI. The Commission agrees, and the
final rule is revised to include the performance evaluation program
requirements that were contained in the proposed part 73, appendix C,
section II.
Due to the merging of requirements within this section of this
appendix, many requirements have changed location and are renumbered.
The following proposed rule paragraphs are removed from the performance
evaluation program: the paragraph formerly identified as appendix C,
section II.(l)(6)(iv): ``Licensees shall ensure that scenarios used for
required drills and exercises are not repeated within any twelve (12)
month period for drills and three (3) years for exercises,'' is removed
to provide licensees the flexibility to repeat scenarios in conducting
tactical response drills and force-on-force exercises. The paragraph
formerly identified as appendix B, section VI, C.3.b(2): ``Tabletop
exercises may be used to supplement tactical response drills and
support force-on-force exercises to accomplish desired training goals
and objectives,'' is more appropriate for regulatory guidance,
therefore, is removed from this appendix.
The paragraph formerly identified as appendix C, paragraph (l)(5),
stating that ``members of the mock adversary force used for NRC-
observed exercises shall be independent of both the security program
management and personnel who have direct responsibility for
implementation of the security program, including contractors, to avoid
the possibility for a conflict of interest'' has been deleted. As noted
in the statements
[[Page 13953]]
of consideration to the proposed rule, the intent of adding this
provision to the rule was to address Section 651 of the EPAct 2005. (71
FR 62837) However, as noted above, the NRC does not normally subject
itself to its own regulatory requirements codified in the Code of
Federal Regulations. Section 651 imposes an obligation on the NRC to
implement the requirements of Section 651, which it has done. Licensees
are not responsible for this requirement. In light of this, the
Commission has determined that removing this provision from the final
rule is necessary and is therefore deleted.
Appendix B, Section VI.C.3(a). The Commission received a comment on
this paragraph that stated that the requirements in appendix B, section
VI, C.3 do not address Section 651 of the EPAct 2005, which requires
that not less often than once every 3 years, the Commission shall
conduct security evaluations (to include force-on-force exercises) at
each licensed facility that is part of a class of licensed facilities,
as the Commission considers to be appropriate, to assess the ability of
a private security force of a licensed facility to defend against any
applicable design basis threat. Additionally, the commenter stated that
this paragraph is not consistent with the current regulations,
specifically Sec. 73.46(b)(9) for Category I fuel cycle facilities
which clearly states the requirement for a Commission role in the
force-on-force exercise program. The Commission disagrees. Although the
Commission has the discretion to issue regulations that govern its own
practices (e.g. 10 CFR part 2), the Commission is not required to
reflect a requirement in the form of its own regulations. If the NRC
were required to implement an obligation in a particular way in a
regulation, then direction would come from Congress in the authorizing
statute. Unlike some other provisions of the EPAct 2005 (see, e.g.,
Section 170E requiring the NRC to conduct a rulemaking to revise the
design basis threat), the EPAct 2005 did not require the Commission to
implement the requirements of Section 651 by any particular method. In
light of this, the Commission has the discretion to implement its
statutory obligations as it sees fit.
The commenter references paragraph Sec. 73.46(b)(9) (regarding
force-on-force exercises for Category I strategic special nuclear
material (SSNM) fuel cycle facilities) as an example of a regulation
that imposes an obligation on the NRC to conduct force-on-force
evaluations, and the commenter argues that the power reactor
regulations should take a consistent approach. Section 73.46(b)(9),
however, does not reflect the proposition claimed by the commenter.
This provision requires that, during each 12-month period commencing on
the anniversary of the date specified in Sec. 73.46(i)(2)(ii) of this
section, an exercise must be carried out at least every 4 months for
each shift, one third of which are to be force-on-force and that during
each of the 12-month periods, the NRC shall observe one of the force-
on-force exercises. Thus, the regulation imposes an obligation on the
licensee to organize and conduct a force-on-force exercise to meet the
requirement and for the licensee to coordinate with the NRC who would
``observe'' one of those exercises. In contrast, the NRC is responsible
for the conduct of force-on-force exercises for power reactor licenses
mandated by Section 651 of the EPAct 2005. That this requirement is not
specifically reflected in a regulation is therefore not inconsistent
with the requirements of Sec. 73.46 and is consistent with the
agency's long-established practices.
The Commission notes, however, that it has strictly complied with
the requirements of Section 651. Since the enactment of Section 651,
which added Section 170D of the AEA, the NRC has conducted over 80
force-on-force inspections at nuclear power plants. In addition, the
NRC has submitted three annual reports to Congress describing the
results of its security inspections, as required by Section 170D.e of
the AEA. (See, e.g., the Commission's second annual report to Congress,
available at http://www.nrc.gov/security/2006-report-to-congress.pdf).
The Commission is, therefore, in full compliance with Section 170D of
the AEA and does not see the need to codify requirements to impose an
obligation on itself to meet this obligation.
Appendix B, Section VI.C.3.b. This proposed paragraph is revised to
reflect the overall program scope that is the basis for its design, and
the content of the necessary implementing procedures to conduct
tactical response drills and force-on-force exercises. The periodicity
requirement for the conduct of tactical response drills and force-on-
force exercises is removed from this paragraph as it is specified in
paragraph C.3.l(1) of this appendix.
Appendix B, Section VI.C.3.c. A commenter stated this section does
not comply with the EPAct 2005 because this section does not state
whether these exercises will be evaluated by NRC or even if the results
of the drills will be required to be submitted to the NRC. As noted
earlier, the Commission does not agree that it is appropriate to place
a requirement on the NRC in this rule text. This proposed requirement
(formerly paragraph C.3.b of this appendix) is renumbered and moved to
the performance evaluation program section of this appendix. The text
within this paragraph, as well as all of the other paragraphs within
this appendix that include the specific text of ``tactical response
team drills and exercises,'' has been changed to ``tactical response
drills and force-on-force exercises'' for accuracy and consistency of
language.
Appendix B, Section VI.C.3.d. The proposed paragraph C.3.b(1) was
renumbered and moved to the performance evaluation program section of
this appendix. The Commission received comments that stated that, in
the context of this paragraph, the rule language should focus on the
scope of drills and exercises and not solely on the performance of
individual participants. The Commission agrees and the final rule text
was revised to address both the scope of conducting tactical response
drills and force-on-force exercises as well as the importance of
individual performance by the members of the security response
organization.
Appendix B, Section VI.D.1.b. The Commission received comments
which requested that this paragraph, pertaining to the annual written
exam and performance demonstrations, be revised to be consistent with
the current regulatory requirements. The Commission also received a
comment recommending that the requirement for the annual written exam
be relocated to paragraph F.7 of this appendix as it applies to armed
security officers. The Commission agrees in part and has revised the
requirement by replacing the phrase ``annual written exam'' with the
phrase ``written exams'' to cover all written exams that may be
administered to armed and unarmed individuals to demonstrate their
proficiency. The requirement for the annual written exam is now
addressed in paragraph D.1.b(3) and identifies the specific
applicability of the annual written exam to armed members of the
security organization.
Appendix B, Section VI.D.1.b(3). This paragraph is added to provide
clarification on the specific applicability of the requirement for an
annual written exam to be administered to armed members of the security
organization.
Appendix B, Section VI.E.1.d. The Commission received comments
requesting that the list of prescribed proficiency standards be revised
so that it remains consistent with the standards outlined in the April
2003 training and qualification order (EA-03-039). The
[[Page 13954]]
Commission disagrees that a revision is necessary. Most of the elements
in this requirement are retained from the pre-existing rule and reflect
new elements that had been imposed by Commission orders. The additional
items listed were not intended to be bound solely by the elements
contained in the pre-existing list of order EA-03-039. The additions to
the list reflect the Commission's expectation for training and the
experience gained through nearly 30 years of security program
inspections and observations. It is the Commission's view that these
proficiency standards represent the minimal common firearms practices
that must be followed to ensure the safe handling, operation, and
appropriate training and qualification is achieved for weapons employed
by a licensee. Nonetheless, this requirement has been revised to
reflect accurate language consistent to what is used in the firearms
community for the performance elements identified.
Appendix B, Section VI.F.1.c. The Commission received comments that
recommended deleting the proposed requirement for individuals to be
requalified annually as it is duplicative of the requirement stated in
paragraph F.5 (proposed rule paragraph F.6). The Commission agrees and
this requirement is removed in the final rule.
Appendix B, Section VI.F.2. The proposed rule paragraph F.2 is
removed as the requirements for firearms qualification courses are
clearly identified in paragraphs F.2, F.3, and F.4 (proposed rule
paragraphs F.3, F.4, and F.5) of this appendix.
Appendix B, Section VI.F.3.a. This requirement has been renumbered
due to the removal of other requirements under this paragraph. The
Commission received comments on proposed rule paragraph F.4.a stating
that the requirement for daytime shotgun proficiency has increased by
20 percent above the current requirement with no rationale provided.
The Commission disagrees. The shotgun qualification score was upgraded
from 50 percent in the current rule to a score of 70 percent to
demonstrate an acceptable level of proficiency which is now reflected
in this appendix. The Commission found 70 percent to be a
professionally accepted minimum qualification score for daytime shotgun
proficiency in the firearms training community (local, State, and
Federal law enforcement, National Rifle Association (NRA),
International Association of Law Enforcement Firearms Instructors
(IALEFI), etc.).
Appendix B, Section VI.F.3.b. This requirement has been renumbered
from proposed rule paragraph F.4.b due to the removal of other
requirements under this paragraph. The Commission received comments
that stated nighttime shotgun proficiency has increased by 20 percent
above the current requirement with no rationale provided. The
Commission disagrees. The Commission found 70 percent to be a
professionally accepted minimum qualification score for nighttime
shotgun proficiency in the firearms training community (local, State,
and Federal law enforcement, NRA, IALEFI, etc.). The ``night fire''
requirement is upgraded from being an element of familiarization fire
in the current rule to a qualification requirement in the final rule.
This upgrade is necessary to ensure armed members of the security
organization possess and maintain a standard level of proficiency
during nighttime conditions. A score of 70 percent for handgun and
shotgun and 80 percent for the semi-automatic rifle and/or machine gun
must be achieved to demonstrate an acceptable level of proficiency.
Appendix B, Section VI.F.5. The NRC received comments on proposed
rule paragraphs F.5.a(2), F.5.b(2), F.5.c(2), and F.5.d(2) that
recommended deleting these requirements as they are duplicative of the
requirements in paragraphs F.3.a, b, and c (formerly paragraphs F.4.a,
b, and c). The Commission agrees that these requirements are
duplicative and has therefore removed them from the final rule. The
minimum qualification score for these weapons are stated in the re-
numbered paragraphs F.3.a and F.3.b of this appendix.
Appendix B, Section VI.F.5.a. The Commission received a comment on
proposed rule paragraph F.6.a that recommended adding the phrase ``and
the results documented and retained as a record'' to the end of the
provision. The Commission agrees and this requirement is revised to
include the recommended phrase. The rule requires licensees to document
the successful completion of qualifications for each weapon system
fired and that records of qualifications be maintained.
Appendix B, Section VI.G.2.b. The Commission received a comment
stating that the rule should not require that security officers carry
body armor with them but rather that body armor be readily available
should the security officers choose to wear it. The commenter also
noted that every security officer is already required to have access to
body armor. The commenter, therefore, suggested that the rule be
revised to permit the pre-staging of body armor at assigned response
positions as appropriate. The commenter also noted that duress alarms
are not personal equipment required for security officers and should
not be listed as such. The Commission agrees with the commenter and has
revised this paragraph in the final rule to clarify the specific
applicability of the required equipment listing to those armed security
personnel who are responsible for the implementation of the safeguards
contingency plan, protective strategy, and associated implementing
procedures. This revision permits a licensee to pre-stage equipment
(such as body armor) at designated locations consistent with their
protective strategy. The required equipment listing under this
paragraph is also revised to remove ``(4) Duress alarms'' as this piece
of equipment is not personal equipment associated with the specific
duties of armed security personnel. It is added, however, to paragraph
G.2.c as an optional piece of equipment that may be made available for
use in accordance with the protective strategy and implementing
procedures.
Appendix B, Section VI.G.2.c. The Commission received a comment
that the listing of personal equipment should not prescriptively
identify particular pieces of equipment as either optional or required
but rather the rule should permit licensees to designate required
personal equipment based on individual protective strategy
requirements. The commenter recommended that the term ``as
appropriate'' be inserted after the text ``should provide'' within the
paragraph. The Commission agrees in part, and this paragraph is revised
in the final rule to include the recommended phrase to further clarify
the suggested employment and distribution of the identified equipment
that should be provided in accordance with licensee policy and
implementing procedures. The equipment listing under this paragraph is
revised to include ``duress alarms'' as the equipment identified in
this listing is based upon what may be deemed by the licensee as
appropriate to fulfill specific physical protection and/or contingency
response duties as well as provide enhanced capabilities to the
security organization during day-to-day security operations and
contingency events.
Appendix B, Section VI.G.3.a. The NRC received a comment that the
requirement for armorer certification is new and not well-defined by
the proposed rule. The commenter believes that the requirement that the
armorer be certified is unnecessary because it limits licensee
flexibility to use experienced but uncertified personnel. The
Commission disagrees. The rule requires that only those individuals who
are
[[Page 13955]]
certified by the weapons manufacturer or a contractor working on behalf
of the manufacturer shall be used to perform maintenance and repair of
licensee firearms. Licensees may use a manufacturer's armorer and
certification process or use a contractor certified by the manufacturer
as an armorer to perform maintenance and repair of licensee firearms.
The proposed language of this requirement is maintained in the final
rule text.
H. Appendix C to Part 73, Licensee Safeguards Contingency Plans
General. The Commission received comments on this appendix that the
proposed changes would expand focus of the safeguards contingency plan
(SCP) by requiring specifics on non-security response efforts to
prevent significant core damage. In addition, the commenters stated
that the level of detail that would be required in the SCP would be
inappropriately increased. The Commission agrees in part. It is the
Commission's intent that licensee's SCP focus on the predetermined
actions of the site security force, and the final rule has been revised
to clarify this focus. The intent is not to incorporate other site
emergency plans into the SCP but to ensure that the licensee has
considered these other plans to avoid potential conflict. To accomplish
this, the NRC retained rule language in a format similar to the current
regulation, included requirements similar to those that had been
imposed by the Commission orders, reorganized the requirements, and
modified the language for a more concise understanding.
Appendix C, Section II.B Contents of the Plan. The Commission
received comments that the proposed appendix C inappropriately included
a licensee's entire integrated response for all postulated events
including those beyond the DBT. The commenters were also concerned that
portions of these requirements were not security related and,
therefore, should not be included in the security rule. The Commission
agrees in part with these comments and has revised the final rule
accordingly. Appendix C, section II has been revised to more clearly
reflect what the Commission expects to be included in a licensee's SCP.
The following proposed rule categories of information have been moved
to the licensee's planning basis: (5) ``Primary Security Functions,''
(6) ``Response Capabilities,'' and (7) ``Protective Strategy.''
The proposed rule category of information (8) ``Integrated Response
Plan'' is also removed from this appendix. The requirements associated
with this paragraph have been removed, modified, and/or relocated to
other applicable areas within this appendix to reduce confusion related
to the redundancy and duplication of information. In addition, the
proposed rule category of information (9) ``Threat Warning System'' is
removed from this appendix and included in 10 CFR 73.55(k)(10). The
proposed rule category of information (9) requirement regarding
`imminent threat' is relocated to new 10 CFR 50.54(hh)(1).
The Commission received comments that the requirements of the
performance evaluation program be moved to part 73, appendix B. As
explained earlier, the Commission agrees. The proposed rule category of
information (10) ``Performance Evaluation Program'' is removed from
this appendix in its entirety and has been incorporated in part 73,
appendix B, as these requirements describe the development and
implementation of a training program for the security force in response
to contingency events.
IV. Section-by-Section Analysis
A. Introduction
The purpose of this section is to identify what sections are being
affected by this final rulemaking and to provide explanations of the
purpose, scope, and intent of each section.
B. Section 50.34, Contents of Construction Permit and Operating License
Applications; Technical Information
Paragraph (c) of Sec. 50.34 is revised to require applicants for
an operating license to submit a training and qualification plan (in
accordance with appendix B to part 73) and a cyber security plan (in
accordance with the criteria in Sec. 73.54). These plans are in
addition to the licensee's physical security plan. Paragraph (c) is
revised such that the submittal requirements for applicants for
licenses that are subject to Sec. Sec. 73.50 and 73.60 remain
unchanged.
Paragraph (d) of Sec. 50.34 is revised to require applicants for
an operating license to submit a safeguards contingency plan in
accordance with section II of appendix C to part 73. Section II of
appendix C is revised to contain the requirements limited to power
reactor licensees. Additionally, paragraph (d) is revised so that the
safeguards contingency plan submittal requirements for applicants for
licenses that are subject to Sec. Sec. 73.50 and 73.60 remain
unchanged by requiring that these applicants follow section I of
appendix C to part 73.
Paragraph (e) of Sec. 50.34 is revised to require the cyber
security plan, which is a new plan required by this rulemaking and
which contains Safeguards Information, to be protected against
unauthorized disclosure consistent with Sec. 73.21.
Paragraph (i) is added to Sec. 50.34 to require submittal of a
description and plans for implementation of the guidance and strategies
intended to maintain or restore core cooling, containment, and spent
fuel pool cooling capabilities under the circumstances associated with
the loss of large areas of the plant due to explosions or fire as
required by Sec. 50.54(hh)(2). Regarding the requirements of Sec.
50.54(hh)(2), the NRC views the mitigative strategies as similar to
those operational programs for which a description of the program is
provided as part of the license application and that will be
implemented before plant operation. The Commission plans to review the
program description provided in the application as part of the
licensing process and perform subsequent inspections of procedures and
plant hardware to verify implementation. Because the Commission finds
that the most effective approach is for the mitigative strategies, at
least at the programmatic level, to be developed before construction
and reviewed and approved during licensing, a requirement for
information has been added to Sec. Sec. 50.34 and 52.80.
C. Section 50.54, Conditions of Licenses
Section 50.54(p)(1) is revised to add the cyber security plan to
the list of plans for which the plan changes need to be controlled by
Sec. 50.54(p).
D. Section 50.54(hh), Mitigative Strategies and Response Procedures for
Potential or Actual Aircraft Attacks
The mitigative strategies and response procedure requirements for
potential or actual aircraft attacks are located in new Sec. 50.54(hh)
so that these requirements are a condition of an operating or combined
license. This approach was chosen to ensure consistency with the method
by which the 2002 ICM order B.5.b mitigative strategies requirements
have been implemented for currently operating reactors. (See Orders
Modifying Licenses, 71 FR 36554; June 27, 2006).
Section 50.54(hh)(1) establishes the necessary regulatory framework
and clarifies current expectations to facilitate consistent application
of Commission requirements for preparatory actions to be taken in the
event of a potential aircraft threat to a
[[Page 13956]]
nuclear power reactor facility. Because aircraft threats are
significant, rapidly evolving events and because licensees may only
receive threat notifications a short time before potential onsite
impacts, the NRC has determined that it is not prudent for licensees to
attempt to identify and accomplish ad hoc mitigative actions in the
midst of such circumstances and employing a reactive approach would
significantly limit the effectiveness of onsite and offsite responses.
To cope effectively with potential aircraft threats, the rule requires
licensees to develop specific procedures, whether in a single procedure
or among several procedures, that describe the pre-identified actions
licensees intend to take when they are provided with pre-event
notification. These pre-event preparations provide the most effective
responses possible to aircraft threats and demonstrate systematic
onsite and offsite planning, coordination, communication, and testing.
To the extent possible, the rule requires licensees to develop,
implement, and maintain procedures for verifying the authenticity of
aircraft threat notifications to avoid taking actions in response to
hoaxes that may adversely impact licensees or the health and safety of
the public. Depending on the source of a threat notification, licensees
may or may not be able to establish contact with appropriate entities
to confirm the accuracy of the threat information received.
Consequently, if the threat information is not received from the NRC
Headquarters Operations Center, licensees are required to at least
contact the NRC Headquarters Operations Center for assistance with
verifying callers' identities or the veracity of threat information.
The national protocol for dealing with aircraft threats is designed
to be proactive with respect to threat identifications and
notifications. However, threat information sources may not be able to
identify specific targets, and given the dynamic nature of potential
aircraft threats, any associated notifications to licensees may
necessarily be reactive in nature. Additionally, licensees must rely on
sources which are external to their control rooms for potential
aircraft threat notifications and updates when available. As a result,
the rule requires licensees to develop, implement, and maintain
procedures for the maintenance of continuous communication with threat
notification sources because it is imperative that licensees establish
and maintain this capability throughout the duration of the pre-event
notification period. With such a capability, licensees will be able to
receive accurate and timely threat information upon which to base
decisions concerning the most effective actions that need to be taken.
For example, licensees would be aware that they may be able to cease
mitigative actions if it is determined a threat no longer exists, or
licensees may accelerate their protective actions if the threat
notification sources relate the aircraft may impact sooner than
originally projected. The local, regional or national FAA offices;
NORAD; law enforcement organizations; and the NRC Headquarters
Operations Center are examples of threat notification sources with
which licensees would be required to maintain a continuous
communication capability. If a licensee encounters a situation where
multiple entities are providing the same threat information (e.g., FAA,
NORAD and NRC Headquarters Operations Center), the licensee would only
be required to maintain continuous communication with the NRC
Headquarters Operations Center. The goal is to communicate pertinent
information to licensees and not to unnecessarily burden their
personnel with redundant requirements.
The rule also requires that licensees develop, implement, and
maintain procedures for contacting all onsite personnel and appropriate
offsite response organizations (e.g., fire departments, ambulance
services, emergency operations centers) in a timely manner following
the receipt of potential aircraft threat notifications. These
notifications ensure that onsite personnel have as much time as
possible to execute established procedures and provide offsite response
organizations the opportunity to perform the following:
Initiate, where possible, mutual aid assistance agreements
based on the perceived threat;
Commence the near-site mustering of offsite fire-fighting
and medical assistance for sites where these organizations are not
proximately located; or
Mobilize personnel for volunteer organizations or hospital
staffs when appropriate.
Licensees are expected to provide periodic updates to offsite
response organizations during the pre-event notification period as
appropriate. During the pre-event notification period, the rule
requires licensees to develop procedures to continuously assess plant
conditions and take effective actions to mitigate the consequences of
an aircraft impact. Examples include maximizing makeup water source
inventories, isolating appropriate plant areas and systems, ceasing
fuel-handling operations and equipment testing, starting appropriate
electrical generation equipment, and charging fire-service piping
headers. By taking these actions, licensees can better posture their
sites to minimize the potential public health and safety effects of an
aircraft crash at their facilities.
The rule also requires licensees to develop, implement, and
maintain procedures for making site-specific determinations of the
amount of lighting required to be extinguished, if any, to prevent or
reduce visual discrimination of sites relative to their immediate
surroundings and distinction of individual buildings within protected
areas. For example, it may make sense to turn off all the lights at an
isolated site but not for a site situated in an industrial area where
ambient lighting from surrounding industries is sufficient for target
discrimination. Licensees are expected to use centralized lighting
controls or develop prioritized routes that allow personnel to turn off
different sets of lights depending on available time when appropriate.
The safety of licensee personnel and contractors is paramount to
the successful response and implementation of mitigative measures after
an onsite aircraft impact. To the maximum extent possible after an
imminent aircraft threat notification, the rule also requires licensees
to develop, implement, and maintain procedures for dispersing
appropriate personnel and equipment (e.g., survey vehicles and
emergency kits) to locations throughout their sites. Such actions will
increase the chance that critical personnel and equipment will be
available to address the consequences of an onsite aircraft impact and
reduce the need to make improvised decisions during the pre-event
notification period. The decision whether to shelter the remaining
personnel in-place or evacuate them in response to an imminent aircraft
threat should be based on the physical layout of the site and the time
available to conduct an effective evacuation. It is expected that
licensees will conduct an analysis and develop a decision-making tool
for use by shift operations personnel to assist them in determining the
appropriate onsite protective action for site personnel for various
warning times and site population conditions (e.g., normal hours, off
normal hours, and outages). This decision-making tool shall be
incorporated into appropriate site procedures. It is expected that this
tool will be routinely used in drills and exercises and that any
deficiencies or weaknesses identified will be corrected
[[Page 13957]]
in accordance with Sec. 50.47(b)(14) and appendix E to part 50,
section IV.F.2.g. Depending upon the methodology used to determine
evacuation times, it may not be necessary for a licensee to suspend
security measures under Sec. Sec. 50.54(x) or 73.55(p), as applicable.
Licensees are required to develop procedures to facilitate the rapid
entry of appropriate onsite personnel as well as offsite responders
into their protected areas to deal with the consequences of an aircraft
impact.
Because the most well-considered plans and procedures do not
guarantee that critical on-shift personnel will survive an aircraft
impact, the rule requires licensees to develop, implement, and maintain
procedures for an effective recall process for appropriate off-shift
personnel. Those procedures shall describe the licensee's process for
initiating off-shift recalls during the pre-event notification period
and for directing responding licensee personnel to pre-identified
assembly areas outside the site protected areas. When possible, the
assembly area locations should be coordinated with offsite response
organizations to facilitate offsite response plans and to ensure that
off-shift licensee personnel will not be delayed access to the site
onsite when needed.
Section 50.54(hh)(2) requires licensees to develop guidance and
strategies for addressing the loss of large areas of the plant due to
explosions or fires from a beyond-design basis event through the use of
readily available resources and by identifying potential practicable
areas for the use of beyond-readily-available resources. These
strategies are to address a licensee's responses to events that are
beyond the design basis of the facility. The requirements in the final
rule are based on similar requirements originally found in the ICM
order of 2002. Ultimately, these mitigative strategies were further
developed and refined through extensive interactions with licensees and
industry. The NRC recognizes that these mitigative strategies are
beneficial for the mitigation of all beyond-design basis events that
result in the loss of large areas of the plant due to explosions or
fires. Current reactor licensees comply with these requirements through
the use of the following 14 strategies that have been required through
an operating license condition. These strategies fall into the three
general areas identified by Sec. Sec. 50.54(hh)(2)(i), (ii), and
(iii). The fire-fighting response strategy reflected in Sec.
50.54(hh)(2)(i) encompasses the following elements:
1. Pre-defined coordinated fire response strategy and guidance.
2. Assessment of mutual aid fire fighting assets.
3. Designated staging areas for equipment and materials.
4. Command and control.
5. Training of response personnel.
The operations to mitigate fuel damage provision in Sec.
50.54(hh)(2)(ii) includes consideration of the following:
1. Protection and use of personnel assets.
2. Communications.
3. Minimizing fire spread.
4. Procedures for implementing integrated fire response strategy.
5. Identification of readily-available, pre-staged equipment.
6. Training on integrated fire response strategy.
7. Spent fuel pool mitigation measures.
The actions to minimize radiological release provision in Sec.
50.54(hh)(2)(iii) includes consideration of the following:
1. Water spray scrubbing.
2. Dose to onsite responders.
The Commission considered specifically including these 14
strategies in Sec. 50.54(hh)(2). However, the Commission decided that
the more general performance-based language in Sec. 50.54(hh)(2) was a
better approach to account for future reactor facility designs that may
contain features that preclude the need for some of these strategies.
New reactor licensees are required to employ the same strategies as
current reactor licensees to address core cooling, spent fuel pool
cooling, and containment integrity. The mitigative strategies employed
by new reactors as required by this rule would also need to account
for, as appropriate, the specific features of the plant design, or any
design changes made as a result of an aircraft assessment that would be
performed in accordance with the proposed Aircraft Impact Assessment
rule (72 FR 56287; October 3, 2007).
Section 50.54(hh) is applicable to both current reactor licensees
and new applicants for and holders of reactor operating licenses under
either part 50 or part 52. Current reactor licensees have already
developed and implemented procedures that comply with the Sec.
50.54(hh)(2) requirements, and do not require any additional action to
comply with these rule provisions. New applicants for, and new holders
of, operating licenses under part 50 and combined licenses under part
52 are required to develop and implement procedures that employ
mitigative strategies similar to those now employed by current
licensees to maintain or restore core cooling, containment, and spent
fuel pool cooling capabilities under the circumstances associated with
loss of large areas of the plant due to explosions or fire. The
requirements described in Sec. 50.54(hh) relate to the development of
procedures for addressing certain events that are the cause of large
fires and explosions that affect a substantial portion of the nuclear
power plant and are not limited or directly linked to an aircraft
impact. The rule contemplates that the initiating event for such larges
fires and explosions could be any number of beyond-design basis events.
In addition, the Commission regards Sec. 50.54(hh) as necessary for
reasonable assurance of adequate protection to public health and safety
and common defense and security; this is consistent with the NRC's
designation of the orders on which Sec. 50.54(hh) is based as being
necessary for reasonable assurance of adequate protection.
As discussed previously, the Commission has proposed in a separate
rulemaking to require designers of new nuclear power plants (e.g.,
applicants for standard design certification under part 52, and
applicants for combined licenses under part 52) to conduct an
assessment of the effects of the impact of a large commercial aircraft
on a nuclear power plant. Based upon the insights gained from this
assessment, the applicant will be expected to include a description and
evaluation of design features and functional capabilities to avoid or
mitigate, to the extent practical and with reduced reliance upon
operator actions, the effects of the aircraft impact. New reactor
applicants would be subject to both the requirements of the aircraft
impact rule and the requirements Sec. 50.54(hh). The overall objective
of the Commission with both rulemakings is to enhance a nuclear power
plant's capabilities to withstand the effects of a large fire or
explosion, whether caused by an aircraft impact or other event, from
the standpoints of both design and operation. The impact of a large
aircraft on the nuclear power plant is regarded as a beyond-design
basis event. In light of the Commission's view that effective
mitigation of the effects of events causing large fires and explosions
(including the impact of a large commercial aircraft) should be
provided through operational actions, the Commission believes that the
mitigation of the effects of such impacts through design should be
regarded as a safety enhancement which is not necessary for adequate
protection. Therefore, the aircraft impact rule--unlike the
[[Page 13958]]
Sec. 50.54(hh)--is regarded as a safety enhancement which is not
necessary for adequate protection.
The Commission regards the two rulemakings to be complementary in
scope and objectives. The aircraft impact rule will focus on enhancing
the design of future nuclear power plants to withstand large commercial
aircraft impacts, with reduced reliance on human activities (including
operator actions). Section 50.54(hh)(2) focuses on ensuring that the
nuclear power plant's licensees will be able to implement effective
mitigative measures for large fires and explosions including (but not
explicitly limited to) those caused by the impacts of large commercial
aircraft. Thus, these revisions to the Commission's regulatory
framework for future nuclear power plants provide more regulatory
certainty, stability, and increased public confidence.
Section 50.54(hh) requirements do not apply to decommissioning
facilities for which the certifications required under Sec.
50.82(a)(1) or Sec. 52.110(a)(1) have been submitted. The NRC believes
that it is inappropriate that Sec. 50.54(hh) should apply to a
permanently shutdown defueled reactor where the fuel was removed from
the site or moved to an ISFSI. The Commission notes that the Sec.
50.54(hh) do not apply to any current decommissioning facilities that
have already satisfied the Sec. 50.82(a) requirements.
The Commission issued guidance (Safeguards Information) to current
reactor licensees on February 25, 2005, and additionally endorsed NEI
06-12, Revision 2, by letter dated December 22, 2006, as an acceptable
method for current reactor licensees to comply with the mitigative
strategies requirement. These two sources of guidance provide an
acceptable means for developing and implementing the mitigative
strategies. The Commission is currently developing a draft regulatory
guide that consolidates this guidance and addresses new reactor
designs.
E. Section 52.79, Contents of Applications; Technical Information in
Final Safety Analysis Report
Section 52.79(a)(36) is revised to require the cyber security plan,
developed in accordance with the criteria set forth in Sec. 73.54, to
be included amongst the security plans that are required to be included
in the final safety analysis report for a combined license under part
52. In addition, the cyber security plan is added to the list of plans
which must be handled as Safeguards Information in accordance with
Sec. 73.21.
F. Section 52.80, Contents of Applications; Additional Technical
Information
Section 52.80(d) is added to Sec. 52.80 to require a combined
license applicant to submit a description and plans for implementation
of the guidance and strategies intended to maintain or restore core
cooling, containment, and spent fuel pool cooling capabilities under
the circumstances associated with the loss of large areas of the plant
due to explosions or fire as required by Sec. 50.54(hh)(2) of this
chapter. The Commission views the mitigative strategies required by
Sec. 50.54(hh)(2) as similar to those operational programs for which a
description of the program is provided as part of the combined license
application and subsequently implemented before plant operation. The
Commission reviews the program description provided in the application
as part of the licensing process and performs subsequent inspections of
procedures and plant hardware to verify implementation.
G. Section 72.212, Conditions of General License Issued Under Sec.
72.210
Conforming changes were made to Sec. 72.212 to reference the
appropriate revised paragraph designations in Sec. 73.55. No change to
the substantive requirements of this section is intended. Conforming
changes were made to preserve the current requirements for general
licenses issued per Sec. 72.210 for the storage of spent fuel in an
ISFSI. The Commission has initiated a separate rulemaking to revise the
requirements for the security of ISFSIs and thus prefers to maintain
the current regulatory structure until that rulemaking is completed.
Section 72.212(b)(5) requires that spent fuel stored in an ISFSI be
protected against the design basis threat of radiological sabotage with
conditions and exceptions. The changes made to Sec. 72.212 are
intended to preserve those conditions and exceptions since these ISFSI
licensees are not the subject of the rulemaking. Specifically, Sec.
72.212(b)(5)(ii) is revised to reference Sec. 73.55(e) because Sec.
73.55(e) provides the protected area criteria, within which the spent
fuel must be stored, while preserving the exception that spent fuel is
not required to be within a separate vital area.
Section 72.212(b)(5)(iii) is revised to reference Sec. 73.55(h)
because Sec. 73.55(h) provides the personnel search criteria for Sec.
72.212. Section 72.212 provides an exception allowing a physical pat-
down search of persons to be performed in lieu of the use of firearms
and explosives detection equipment. Section 72.212(b)(5)(iv) is revised
to reference Sec. 73.55(i)(3) since Sec. 73.55(i)(3) provides the
intrusion detection and assessment requirements for which Sec. 72.212
provides an exception allowing a guard or watchman on patrol to provide
this observational capability. Section 72.212(b)(5)(v) is revised to
exempt ISFSI licensees from the requirements in Sec. 73.55 to
interdict and neutralize threats preserving this exception. Due to the
restructuring of Sec. 73.55, a specific reference to a paragraph in
Sec. 73.55 was no longer possible, and a more general exception was
written into Sec. 72.212. The Commission intends for the same
exception to continue.
H. Section 73.8, Information Collection Requirements: OMB Approval
Section 73.8 is revised to add Sec. 73.54 and Sec. 73.58 to the
list of part 73 sections, which contain collection requirements that
have been approved by the Office of Management and Budget.
I. Section 73.54, Protection of Digital Computer and Communication
Systems and Networks
This new section describes the requirements for nuclear power plant
licensees to establish a cyber security program.
Section 73.54, General. This section requires current nuclear power
plant licensees to submit a cyber security plan within 180 days of the
effective date of the rule for NRC review and approval. The cyber
security plan must be submitted to the NRC as a license amendment
pursuant to Sec. 50.90. Current applicants for an operating license or
combined license who have submitted their applications to the NRC prior
to the effective date of this rule are required to amend their
applications to include a cyber security plan consistent with this
rule.
Section 73.54(a), Protection. This paragraph establishes the
regulatory framework and requirements for the cyber security program in
meeting the requirement for protection against the design basis threat
of cyber attack identified in Sec. 73.1. This paragraph has been
expanded from the proposed rule to provide a more detailed list of the
types of systems and networks that are intended to be protected.
Section 73.54(b), Analysis of Digital Computer and Communication
Systems and Networks. This paragraph establishes requirements for an
analysis. The rule requires that each licensee will analyze the digital
computer and communication systems and networks in use at their
facility to identify those
[[Page 13959]]
assets that require protection and that the licensee's cyber security
program will include measures for the protection of the digital
computer and communication systems and networks identified by the
licensee through the required analysis. Cyber security, like physical
security, focuses on the protection of equipment, systems, and networks
against attacks by those individuals or organizations that would seek
to cause harm, damage, or adversely affect the functions performed by
such equipment, systems, and networks. Cyber security and physical
security programs are intrinsically linked and must be integrated to
satisfy the physical protection program design criteria of Sec.
73.55(b). The Commission recognizes that a uniquely independent
technical expertise and knowledge is required to effectively implement
the cyber security program, and therefore, the specific training and
qualification requirements for the program must focus on ensuring that
the personnel who implement the cyber security program are trained,
qualified, and equipped to perform their unique duties and
responsibilities.
Section 73.54(c), Cyber Security Program. This paragraph describes
the design components of the cyber security program including controls,
prevention, defense-in-depth, and system functionality. The cyber
security program must be designed to implement security controls for
protected digital assets; apply and maintain defense-in-depth
protective strategies to ensure the capability to detect, respond, and
recover from cyber attacks; and ensure the functions of protected
digital assets are not adversely impacted due to cyber attacks. With
regard to Sec. 73.54(c)(4), the NRC requires that the cyber security
program be designed to ensure that the intended function of the assets
identified by Sec. 73.54(a)(1) and the analysis required by Sec.
73.54(b)(1) are maintained.
With regard to Sec. 73.54(c)(2), defense-in-depth for digital
computer and communication systems and networks includes technical and
administrative controls that are integrated and used to mitigate
threats from identified risks. The need to back up data as part of a
defense-in-depth program is dependent upon the nature of the data
relative to its use within the facility or system.
Defense-in-depth is achieved when (1) a layered defensive model
exists that allows for detection and containment of non-authorized
activities occurring within each layer, (2) each defensive layer is
protected from adjacent layers, (3) protection mechanisms used for
isolation between layers employ diverse technologies to mitigate common
cause failures, (4) the design and configuration of the security
architecture and associated countermeasures creates the capability to
sufficiently delay the advance of an adversary in order for preplanned
response actions to occur, (5) no single points of failure exist within
the security strategy or design that would render the entire security
solution invalid or ineffective, and (6) effective disaster recovery
capabilities exist for protected systems.
The Commission's intent for a licensee's cyber security program is
that a licensee or applicant implements operational elements to address
the requirements of this rule but not necessarily address such
requirements through the design of its facility. However, as with other
elements of a licensee's physical security program, an applicant or
licensee could consider how these requirements could be addressed
through the design of its facility, to the extent practicable, but this
is not required by the rule.
Section 73.54(d), Cyber-Related Training, Risk and Modification
Management. This paragraph requires licensees to develop, implement,
and maintain supporting programs within the cyber security program. The
Commission requires licensees to perform an analysis as identified in
Sec. 73.54(b)(1) for any newly installed digital computer and
communication systems and network equipment whether the new equipment
is stand-alone or is installed to replace outdated equipment.
To ensure that the measures used to protect digital computer and
communication systems and networks remain effective and continue to
meet high assurance expectations, the licensee's cyber security program
must evaluate and manage cyber risks. Licensees must evaluate changes
to systems and networks when modifications are proposed for previously
assessed systems and new technology-related vulnerabilities not
previously analyzed in the original baseline or periodic assessments
that would act to reduce the cyber security environment of the system
are identified.
Section 73.54(e), Cyber Security Plan. This paragraph establishes
the requirements for a written cyber security plan that outlines the
licensee's implementation of their program to include incident response
and recovery, detection, response, mitigation, vulnerabilities, and
restoration. The plan must describe how the Commission requirements of
this section are implemented and must account for site-specific
conditions that affect implementation. Applicants for combined license
under part 52 of this chapter should have sufficient information
available to prepare and submit a plan as required by Sec. 52.79. Such
plans will likely require updates and revisions in accordance with
Sec. 50.54(p) as digital networks and systems are better defined
during a plant's specific design and construction. The rule requires
that the cyber security incident response and recovery measures will be
part of the cyber security plan.
Section 73.54(f), Policies and Procedures. This paragraph
establishes requirements for licensees to have and maintain written
policies and procedures for the implementation of the cyber security
plan. The Commission does not intend for licensees to submit policies,
implementing procedures, site-specific analysis, and other supporting
technical information used by the licensee in development of their
cyber security plan; however, such information must be made available
upon request by an authorized representative of the NRC.
Section 73.54(g), Reviews. This paragraph establishes the licensee
review requirements for the cyber security program. The rule requires
that the cyber security program be reviewed by the licensee on a
periodic basis in accordance with Sec. 73.55(m).
Section 73.54(h), Records. This paragraph establishes record
retention requirements for the cyber security program. The rule
requires that each licensee will retain the technical information
associated with the assets identified by Sec. 73.54(b)(1) pertinent to
compliance with Sec. 73.54.
J. Section 73.55, Requirements for Physical Protection of Licensed
Activities in Nuclear Power Reactors Against Radiological Sabotage
Section 73.55(a), Introduction. This paragraph outlines the
implementation, plans, program, scope and applicability of this
section. The rule requires that each licensee shall evaluate the
security plan changes needed to comply with the amended requirements of
the final rule. Licensees are expected to make any changes necessary to
comply with the final rule by March 31, 2010. It is up to the licensee
to determine the appropriate mechanism to make those changes whether it
be as a change under Sec. 50.54(p) or as a license amendment pursuant
to Sec. 50.90. As noted earlier, it is the Commission's view that
current licensees are largely already in compliance with the
requirements in this rule, and any changes that would be
[[Page 13960]]
necessitated by this final rule would not decrease the effectiveness of
current licensee security plans, so in most instances a change under
Sec. 50.54(p) would be appropriate. However, the Commission also
acknowledges that, based on site-specific conditions, a limited number
of plan changes might require Commission review and approval before
implementation. In such instances, licensees would be expected to
submit security plan changes through license amendments or requests for
exemptions under Sec. 73.5. With respect to applicants who have
already submitted an application to the Commission for an operating
license or combined license as of the effective date of this rule,
those applicants are required to amend their applications to the extent
necessary to address the requirements in this section.
Licensees are responsible for maintaining physical protection in
accordance with Commission regulations through the approved security
plans. Any departures from the Commission's regulations must be
specifically approved by the Commission in accordance with Sec. Sec.
73.55(r) or 73.5. Upon the Commission's written approval, the approved
alternative measure or exemption becomes legally binding as a license
condition in lieu of the specific 10 CFR requirement.
This paragraph establishes when an applicant's physical protection
program must be implemented. The receipt of special nuclear material
(SNM) in the form of fuel assemblies onsite, (i.e. , within the
licensee's protected area) is the event that subjects a licensee or
applicant to the requirements of this rule, and it is the
responsibility of the applicant or licensee to complete the preliminary
and preparatory actions required to implement an effective physical
protection program at the time SNM is received onsite (within the
protected area).
Section 73.55(b), General Performance Objective and Requirements.
This paragraph outlines the general performance objective and design
requirements of the licensee physical protection program. Licensees are
required to provide protection against the design basis threat of
radiological sabotage. To accomplish this, the physical protection
program is designed to prevent significant core damage and spent fuel
sabotage. Significant core damage and spent fuel sabotage can be
measured through accepted engineering standards, and provide measurable
performance criteria that are essential to understanding the definition
of radiological sabotage. The design requirement of this section also
requires licensees to conduct a site-specific analysis that accounts
for site conditions and utilizes the integration of systems,
technologies, programs, equipment, supporting processes, and
implementing procedures. The physical protection program is supported
by the access authorization, cyber security, and insider mitigation
programs to meet the performance object of this section. The
effectiveness of the physical protection program specific to the
licensee protective strategy is measured through implementation of the
performance evaluation program.
Section 73.55(c), Security plans. This paragraph outlines the
requirements for, contents of, and protection of security plans and
implementing procedures. The primary focus of the security plans is to
describe how the licensee will satisfy Commission requirements to
include how site-specific conditions affect the measures needed at each
site to ensure that the physical protection program is effective.
Security plans include the physical security plan, training and
qualification plan, safeguards contingency plan, and cyber security
plan. The cyber security plan is subject to the same review and
approval process as the physical security plan, training and
qualification plan, and safeguards contingency plan.
Section 73.55(d), Security Organization. This paragraph outlines
the requirements for the composition, equipping, and training of the
security organization. The intent is that the security organization
will focus upon the effective implementation of the physical protection
program. Individuals assigned to perform physical protection or
contingency response duties must be trained, equipped, and qualified in
accordance with appendix B to perform those assigned duties and
responsibilities whether that individual is a member of the security
organization or not. The rule requires that facility personnel, who are
not members of the security organization, will be trained and qualified
for the specific physical protection duties that they are assigned
which includes possessing the knowledge, skills, abilities, and the
minimum physical qualifications.
Section 73.55(e), Physical Barriers. This paragraph outlines the
generic and specific requirements for the design, construction,
placement, and function of physical barriers. Physical barriers are
used to fulfill many functions within the physical protection program,
and therefore, each physical barrier must be designed and constructed
to serve its predetermined function within the physical protection
program. The rule requires that each licensee will analyze site-
specific conditions to determine the specific use, type, function,
construction, location, and placement of physical barriers needed for
the implementation of the physical protection program. This paragraph
also describes the requirements to maintain the integrity of physical
barriers through the implementation of maintenance and observation
measures.
Section 73.55(f), Target Sets. This paragraph provides requirements
for the development, documentation, and periodic re-evaluation of
target sets. Target sets are a minimum combination of equipment or
operator actions which, if prevented from performing their intended
safety function or prevented from being accomplished, would likely
result in significant core damage (e.g. , non-incipient, non-localized
fuel melting, and/or core destruction) or a loss of coolant and
exposure of spent fuel barring extraordinary actions by plant
operators. Credit for operator actions will be given only if the
following criteria are met: (1) sufficient time is available to
implement these actions, (2) environmental conditions allow access
where needed, (3) adversary interference is precluded, (4) any
equipment needed to complete these actions is available and ready for
use, (5) approved procedures exist which have entering conditions
outside of severe accident mitigation guidelines (SAMG) or equivalent,
and (6) training is conducted on the existing procedures under
conditions similar to the scenario assumed. This rule requires each
licensee to implement a process for the oversight of target set
equipment, systems, and configurations using existing processes. This
ensures that changes made to the configuration of target set equipment
and modes of operation are considered in the licensee's protective
strategy. Target set requirements include consideration of the effects
of cyber attacks and is consistent with Commission requirements for
protection against the design basis threat of radiological sabotage
stated in Sec. 73.1.
Section 73.55(g), Access Controls. This paragraph outlines the
requirements regarding access control systems, devices, processes, and
procedures for personnel, vehicles, and materials during normal and
emergency conditions. Access controls relative to the owner controlled
area, protected area, and vital areas are specifically addressed within
this paragraph including visitor and escort requirements. The rule
requires that the licensee will ensure that all access
[[Page 13961]]
controls are performing as intended and have not been compromised such
that no person, vehicle, or material is able to gain unauthorized
access beyond a barrier.
With regard to escorts, the rule requires that all escorts will be
trained to perform escort duties and that this training may be
accomplished through existing processes, such as the General Employee
Training (personnel escort) and/or the security Training and
Qualification Plan (vehicle escorts). Personnel escorts are required to
maintain timely communication with the security organization when
performing escort duties to summon assistance if needed. Vehicle
escorts are required to maintain continuous communication with the
security organization when performing escort duties to summon
assistance if needed.
Section 73.55(h), Search Programs. This paragraph prescribes the
search requirements of personnel, vehicles, and materials before
granting access to the owner controlled and protected areas during
normal and emergency conditions. The rule requires that a general
description of the broad categories of material that will be excepted
will be stated in the licensee security plans with detailed
descriptions being identified in implementation procedures.
Section 73.55(i), Detection and Assessment Systems. This paragraph
delineates the requirements for detection and assessment for operating
reactors and applicants as applied to the physical protection program.
Detection and assessment are addressed together as a consequence of
their importance for ensuring that an adequate response can be
initiated and completed as a result of an alarm or through surveillance
observation and monitoring by security personnel. Alarm stations are
required to possess the equipment needed for detection, assessment, and
communication or otherwise implement the protective strategy and
maintain these capabilities through uninterruptible and secondary power
sources. In addition, the survivability requirements for alarm stations
pertaining to a single act within the capabilities of the design basis
threat are addressed in this paragraph. The requirement to construct,
locate, protect, and equip both the central and secondary alarm
stations is applicable to only applicants for an operating or combined
license that is issued after the effective date of this final rule. The
rule requires that both alarms stations at future facilities will be
equal and redundant.
Section 73.55(j), Communication Requirements. This paragraph
stipulates the communication requirements for the security organization
during normal and emergency conditions. The rule requires that the
licensee security organization possesses and maintains the capability
for continuous communication with internal security personnel, vehicle
escorts, local law enforcement authorities, and the control room.
Section 73.55(k), Response Requirements. This paragraph outlines
the provisions regarding the security response organization's
structure, liaison with local law enforcement authorities, and measures
to increase the security posture under heightened threat conditions.
The rule requires that each licensee will determine the specific
minimum number of armed responders and armed security officers needed
to protect their facility and will document this minimum number in
security plans. The threat warning system is intended to provide pre-
planned enhancements to the licensee physical protection program to be
taken upon notification by the NRC of a heightened threat. The specific
details regarding response requirements are addressed in appendix C of
this part.
Section 73.55(l), Facilities Using Mixed-Oxide (MOX) Fuel
Assemblies Containing Up to 20 Weight Percent Plutonium Dioxide (PuO2).
This paragraph establishes the requirements for the physical protection
of MOX used at nuclear power reactor facilities in addition to the
physical protection program requirements addressed by this section.
These protective measures are necessary to account for the type of
special nuclear material contained in MOX fuel assemblies. These
additional requirements include measures for the search and inspection
of MOX fuel assemblies, storage MOX fuel assemblies, material control
and accounting, and controls for the use of fuel handling equipment
used for the movement of MOX fuel assemblies.
Section 73.55(m), Security Program Reviews. This paragraph
establishes requirements for the licensee's review of its physical
protection programs. The rule requires that each licensee will review
the physical protection program, in its entirety, at least every 24
months or less when significant changes are made. The conduct of
reviews, to include audits is intended to provide a level of assurance
that each element of the physical protection program is performing as
intended to satisfy Commission requirements. Reviews also ensure that
any changes to site specific conditions do not adversely impact the
capability of a given element to perform the intended function within
the physical protection program.
Section 73.55(n), Maintenance, Testing, and Calibration. This
paragraph establishes requirements for the maintenance, testing, and
calibration security equipment required to implement the physical
protection program. The rule requires that each licensee will perform
maintenance, testing, and calibration activities at intervals required
to ensure the equipment is operating as intended. The conduct of
maintenance, testing, and calibration activities is intended to provide
a level of assurance that security equipment is performing within
acceptable parameters established to support the physical protection
program and satisfy Commission requirements. Specific intervals for
maintenance, testing, and calibration are determined by the NRC and
manufacturer specifications.
Section 73.55(o), Compensatory Measures. This paragraph establishes
requirements for the actions to be taken by a licensee in response to a
failure or degradation of security equipment to perform intended
functions within the physical protection program. The rule requires
that the licensee will identify conditions where security equipment has
failed or is not operating as required and initiates timely actions
that ensure the failure or degradation cannot be exploited.
Section 73.55(p), Suspension of Security Measures. This paragraph
establishes requirements for the suspension of security measures in
response to emergency and extraordinary conditions. Section
73.55(p)(1)(i) represents no change from the previous suspension
provision that was described in former Sec. 73.55(a). The requirements
of this paragraph are intended to provide flexibility to a licensee for
taking reasonable actions that depart from an approved security plan in
an emergency when such actions are immediately needed to protect the
public health and safety and no action consistent with license
conditions and technical specifications that can provide adequate or
equivalent protection is immediately apparent in accordance with Sec.
50.54(x) and (y). Therefore, the focus of Sec. 73.55(p)(1)(i) is on
the suspension of security measures for the protection of the public
health and safety.
In contrast, Sec. 73.55(p)(1)(ii) has been added to provide
similar flexibility for situations, such as during severe weather
incidents like hurricanes, tornados, or floods when these actions are
immediately needed to protect the personal health and safety of
security
[[Page 13962]]
force personnel when no action consistent with the license condition is
immediately apparent. Formerly, suspensions of security measures to
protect security force personnel during severe weather incidents would
not have been permitted by the regulations. However, the same control
mechanisms apply to suspension invoked under Sec. 73.55(p)(1)(ii) as
described in Sec. 50.54(y), including approval of, at a minimum, a
licensed senior operator.
Section 73.55(q), Records. This paragraph establishes requirements
for the retention of documentation (reports, records, and documents)
associated with licensee actions to satisfy Commission requirements.
Section 73.55(r), Alternative Measures. This paragraph establishes
provisions that allow the licensee the ability to develop measures for
the protection against radiological sabotage other than those
specifically stated in Commission requirements. Licensee requests to
employ such alternative measures must be submitted to the Commission
for review and approval as a license amendment in accordance with Sec.
50.90.
K. Section 73.56, Personnel Access Authorization Requirements for
Nuclear Power Plants
Section 73.56 (a), Introduction. This paragraph outlines the
implementation, scope and applicability of the access authorization
program and requires that this program be described in the licensee's
physical security plan. Current licensees must be in compliance with
the requirements described in this rule by March 31, 2010, including
updating their site-specific security plans as applicable. Current
licensees should update their plans using one of the processes
described in 10 CFR 50.54(p), 10 CFR 50.90, or 10 CFR 73.5 as
applicable. In addition, current applicants for an operating license or
combined license as of the effective date of this rule must update
their applications, as appropriate, to address the requirements of this
section. Section 73.56 retains the intent of the pre-existing
requirements that licensees have the authority to grant or deny an
individual unescorted access, certify or deny an individual unescorted
access authorization, or permit an individual to maintain or terminate
unescorted access or unescorted access authorization. Additionally, the
Commission allows applicants to certify or deny an individual
unescorted access authorization status prior to receiving its operating
license under part 50 of this chapter or before the Commission makes
its finding under 10 CFR 52.103(g).
A licensee or applicant may allow a contractor or vendor to
maintain certain elements of the licensee's or applicant's access
authorization program if the contractor or vendor complies with the
requirements of this section. Additionally, a licensee or applicant may
permit a contractor or vendor to maintain an individual's unescorted
access authorization status if the contractor's or vendor's access
authorization program includes the licensee's or applicant's approved
behavioral observation program. However, licensees and applicants are
responsible for meeting all of the requirements set forth in this
section before granting an individual unescorted access or certifying
an individual unescorted access authorization.
Applicants for an operating license or a combined license must
incorporate their access authorization program in their physical
security plan and implement the access authorization program before the
receipt of special nuclear material in the form of fuel assemblies on
site (i.e., within the licensee's protected area.)
Section 73.56(b), Individuals Subject to the Access Authorization
Program. This paragraph identifies individuals who shall be subject to
the requirements of an access authorization program to ensure that each
person granted unescorted access and/or certified unescorted access
authorization is trustworthy and reliable. The rule requires that any
individual who has unescorted access to nuclear power plant protected
and vital areas shall be subject to an access authorization program
that meets the requirements of this section.
Section 73.56(c), General Performance Objective. This paragraph
stipulates that the licensee's or applicant's access authorization
program must provide high assurance that the individuals subject to
this section are trustworthy and reliable such that they do not
constitute an unreasonable risk to public health and safety or the
common defense and security including the potential to commit
radiological sabotage.
Section 73.56(d), Background Investigation. This paragraph outlines
the responsibilities and elements of the background investigation
process including consent; personal, employment, credit, and criminal
history; identity verification; and character evaluation. As addressed
with respect to Sec. 73.56(h)(5) and (h)(6), the Commission permits
licensees and applicants to meet the requirements of this section by
relying on certain background investigation elements, psychological
assessments, and behavioral observation training conducted by other
licensees, applicants, or contractor access programs.
This provision reduces regulatory burden by eliminating the need to
replicate access authorization program elements that are still current
according to the time conditions specified in Sec. Sec. 73.56(h) and
(i)(1).
Additionally, this paragraph requires individuals to disclose
personal history information pertaining to the access authorization
program and associated processes and requires licensees, applicants,
and contractors or vendors to take steps to access information from
reliable sources to ensure that the personal identifying information
the individual has provided is authentic and accurate.
The rule requires licensees, applicants, and contractors or vendors
to make available and disclose information that they have collected if
contacted by another licensee, applicant, or contractor or vendor who
has a release signed by the individual who is applying for unescorted
access or unescorted access authorization.
Section 149 of the AEA provides the Commission authority to require
individuals to be fingerprinted and to obtain the FBI criminal history
records of only those individuals who are seeking unescorted access to
protected or vital areas of a nuclear power plant. For other
individuals, the Commission expects licensees and applicants to obtain
those individual's criminal records in accordance with requirements set
forth in Sec. 73.56(k)(1)(ii).
Section 73.56(e), Psychological Assessment. This paragraph outlines
requirements within the access authorization program for conducting
psychological assessments on individuals seeking unescorted access or
unescorted access authorization. The purpose of the paragraph is to
evaluate the implications of an individual's psychological character on
his or her trustworthiness and reliability. The rule requires that
Individuals who are applying for initial unescorted access or
unescorted access authorization, or who have not maintained unescorted
access or unescorted access authorization for greater than 365 days, be
subjected to a psychological assessment.
This paragraph establishes requirements, standards, roles, and
responsibilities for individuals who perform psychological assessments.
A
[[Page 13963]]
licensed psychologist or psychiatrist with proper clinical training and
experience must conduct the psychological assessment in accordance with
the American Psychological Association or the American Psychiatric
Association standards. This paragraph establishes the responsibilities
of those conducting psychological assessments to report the discovery
of any information, including a medical condition, which could
adversely impact the fitness for duty or trustworthiness and
reliability of the individual being accessed.
Section 73.56(f), Behavioral Observation. This paragraph outlines
the roles and responsibilities of licensees, applicants, contractors,
vendors, and individuals under the behavioral observation program. The
purpose of the behavioral observation program is to increase the
likelihood that potentially adverse behavior patterns and actions are
detected, communicated, and evaluated before there is an opportunity
for such behavior patterns or acts to result in detrimental
consequences. The rule requires individuals under this program to be
trained to identify and report questionable behavior patterns or
activities to his or her supervisor, other management personnel, or the
reviewing official as designated in site procedures and that this
report be promptly conveyed to the reviewing official for evaluation.
Section 73.56(g), Self-Reporting of Legal Actions. This paragraph
outlines the responsibilities for individuals to self-report legal
actions taken by a law enforcement authority or court of law to which
the individual has been subject that could result in incarceration or a
court order or that requires a court appearance. This paragraph
requires the recipient of the report, if the recipient is not the
reviewing official, to promptly convey the report to the reviewing
official who will then evaluate the implications of those actions with
respect to the individual's trustworthiness and reliability.
Section 73.56(h), Granting Unescorted Access and Certifying
Unescorted Access Authorization. This paragraph defines the regulatory
standard that must be used by a licensee or applicant for a
determination of granting or certifying unescorted access or unescorted
access authorization as well as for reinstatement of unescorted access
or unescorted access authorization. The requirements in this paragraph,
in part, are based upon whether an individual has previously been
granted unescorted access or certified unescorted access authorization
under a program subject to the requirements of Sec. 73.56 and the
elapsed time since the individual's unescorted access or unescorted
access authorization status was last favorably terminated.
Additionally, this paragraph provides requirements for re-establishing
trustworthiness and reliability of those individuals whose unescorted
access or unescorted access authorization was denied or terminated
unfavorably. Sections 73.56(h)(5) and (6) permit licensees and
applicants to rely on other access authorization programs that meet the
requirements of this section. In addition, these provisions eliminate
redundancies in the steps required for granting unescorted access or
certifying unescorted access authorization or maintaining unescorted
access or unescorted access authorization.
Section 73.56(i), Maintaining Unescorted Access or Unescorted
Access Authorization. This paragraph delineates the conditions and
requirements for maintaining unescorted access or unescorted access
authorization status. Important elements of maintaining unescorted
access or unescorted access authorization status are the behavioral
observation program, the reevaluation of criminal history and credit
history, and, for select individuals who perform specific job functions
identified in Sec. 73.56(i)(1)(B), a psychological assessment.
To confirm each individual's continued trustworthiness and
reliability determination, the rule requires licensees and applicants
to conduct updates and reevaluations every five (5) years for
individuals granted unescorted access or certified unescorted access
authorization and every three (3) years for selected individuals. For
selected individuals, the rule requires licensees and applicants to
conduct psychological reassessments every five (5) years. Additionally,
all individuals are required to be subject to the licensee's behavioral
observation program on a daily basis to detect an individual's abnormal
emotional and/or psychological state through monitoring and/or
supervisory evaluation.
Section 73.56(j), Access to Vital Areas. This paragraph requires
that access to vital areas be controlled through the use of access
authorization lists to ensure that no one may enter these vital areas
without having a work-related need and, when the need no longer exists,
access to the vital areas is terminated.
The rule requires that access authorization lists will be updated
at least every 31 days to minimize insider threats by ensuring that
personnel listed have a continued need to access vital areas to perform
their official duties and not just a possibility of needing access
sometime in the future.
Section 73.56(k), Background Screeners. This paragraph outlines
requirements to ensure that individuals who collect, process, or have
access to sensitive personal information required under this section
are trustworthy and reliable.
Background checks for these individuals must be conducted in
accordance with the requirements of this paragraph. The Commission
recognizes that licensees and applicants may not, under Section 149 of
the AEA, obtain a fingerprint-based FBI criminal history records check
for an individual who does not have or is not expected to have
unescorted access. In such cases, local criminal history information
about the individual will be obtained from the State or local court
system to satisfy this requirement.
Section 73.56(l), Review Procedures. This paragraph outlines
requirements for responding to an individual's request for review of a
determination to deny unescorted access or unescorted access
authorization or unfavorable termination of an individual's unescorted
access or unescorted access authorization.
Section 73.56(m), Protection of Information. This paragraph
outlines requirements for the protection and release of personal
information collected by a licensee, applicant, contractor, or vendor
to authorized personnel. The rule requires that the licensee,
applicant, contractor, or vendor possessing personal records will
promptly provide personal information as authorized by the individual's
signed consent. This may include an individual's representative and
other licensees or applicants. With regard to revealing the sources of
the information, the rule requires that licensees, applicants,
contractors, and vendors will maintain confidentiality of sources.
Section 73.56(n), Audits and Corrective Action. This paragraph
outlines requirements for audits and corrective action to confirm
compliance with the requirements of this section and that comprehensive
corrective actions are taken in response to any violations of the
requirements of this section identified from an audit. The rule
requires that licensees and applicants will perform an audit of their
access authorization program at intervals nominally every 24 months.
With regard to Sec. 73.56(n)(1), the Commission uses the term
``nominally'' which allows a 25 percent margin
[[Page 13964]]
consistent with the definition of nominal in Sec. 26.5, which provides
limited flexibility in meeting the scheduled due date for completing
this recurrent activity. Completing a recurrent activity at a nominal
frequency means that the activity may be completed within a period that
is 25 percent longer (30 months) or shorter (18 months) than the period
required, with the next scheduled due date no later than the current
scheduled due date plus the required frequency for completing the
activity.
With regard to the independence of audit team members, the rule
requires that at least one person on an audit team possess the
requisite knowledge to evaluate the holistic implications of individual
requirements or the complexities associated with meeting the final
rule's performance objective and, therefore, can adequately evaluate
program effectiveness and is independent of management having
responsibility for day-to-day operation of the access authorization
program.
In regard to Sec. 73.56(n)(7), the rule permits licensees and
other entities to jointly conduct audits as well as to rely on one
another's audits, if the audits upon which they are relying address the
services obtained from the contractor or vendor by each of the sharing
licensees or applicants. The rule requires that licensees, applicants,
and contractors or vendors relying on a shared audit to ensure that all
services and elements upon which they rely have been adequately audited
and to make clear that the licensees, applicants, and contractors or
vendors are responsible for ensuring that an adequate audit is
conducted of any services or elements upon which they rely that are not
adequately covered by the shared audit.
Section 73.56(o), Records. This paragraph outlines requirements for
the retention, storage, and protection of records required by this
section. Licensees, applicants, contractors, and vendors must retain,
store, and protect records to ensure their availability and integrity.
In addition, this paragraph provides requirements for how long the
licensee shall retain these records according to the type of record or
until the completion of legal proceedings that may arise as a result of
an adjudication of an application for unescorted access, whichever is
later. These requirements also allow contractors and vendors to retain
records for which they are responsible. Upon termination of a contract
between a contractor and a licensee or applicant, the licensee or
applicant must retrieve all relevant records that were accumulated by
the contractor throughout the period of the contract. The rule requires
that corrected or new information will be actively communicated by the
recipient to other licensees.
L. Section 73.58, Safety/Security Interface Requirements for Nuclear
Power Reactors
Section 73.58 is a new requirement added to part 73. This
requirement makes explicit, what was previously implicitly required by
the regulations including that plant activities should not adversely
affect security activities and that security activities should not
adversely affect plant safety (otherwise licensees would fail to comply
with the governing requirements in the applicable area). The new
section is added as a cost-justified, safety enhancement per Sec.
50.109(a)(3). As discussed previously in Section II of this document,
the new requirements were developed in response to a petition for
rulemaking (PRM-50-80) submitted by the Union of Concerned Scientists
and the San Luis Obispo Mothers for Peace that requested, in part, that
the Commission promulgate requirements for licensees to evaluate
proposed changes, tests, or experiments to determine whether such
changes cause a decrease in the protection against radiological
sabotage and to require prior Commission approval for such situations.
Additionally, it stems from the Commission's comprehensive review of
its safeguards and security programs and requirements and from the
Commission's awareness that the increased complexity of licensee
security measures now required in the post September 11, 2001, security
environment could potentially increase adverse interactions between
safety and security. Additionally, it is based on plant events
discussed in Commission Information Notice 2005-33, ``Managing the
Safety/Security Interface,'' that demonstrated that changes made to a
facility, its security plan, or implementation of the plan can have
adverse effects if the changes are not adequately assessed and managed.
The regulations, prior to Sec. 73.58, did not explicitly require
communication about the implementation and timing of facility changes.
The Commission believes that Sec. 73.58 promotes an increased
awareness of the effects of changing conditions and results in
appropriate assessment and response.
The introductory text indicates this section applies to power
reactors licensed under 10 CFR parts 50 or 52. Paragraph (b) of this
section requires licensees to assess proposed changes to plant
configurations, facility conditions, or security to identify potential
adverse effects on the capability of the licensee to maintain either
safety or security before implementing those changes. The assessment
would be qualitative or quantitative. If a potential adverse effect is
identified, the licensee is required to take appropriate measures to
manage the potential adverse effect. Managing the potential adverse
effect is further described in paragraph (d). The requirements of Sec.
73.58 are in addition to requirements to assess proposed changes and to
manage potential adverse effects contained in other Commission
regulations, and are not intended to substitute for them. The
Commission recognizes that implementation of Sec. 73.58 would rely to
some extent on these existing programs that manage facility changes and
configuration, and expects licensees to incorporate Sec. 73.58 into
this structure. The primary function of this rule is to explicitly
require that licensees consider the potential for changes to cause
adverse interaction between security and safety and to appropriately
manage any adverse results. Documentation of assessments performed per
paragraph (b) is not required so as not to delay plant or security
actions unnecessarily.
Section 73.58(c) requires changes identified by either planned or
emergent activities to be assessed by the licensee. This requirement is
not intended to require licensees to assess all the day-to-day
activities that are controlled by facility work processes and
configuration management processes. The Commission expects that
licensees would instead revise these processes to preclude, to the
extent practicable, potential adverse interactions. Paragraph (c) of
this section provides a description of typical activities for which
changes must be assessed and for which resultant adverse interactions
must be managed.
Section 73.58(d) requires that, when potential adverse interactions
are identified, licensees communicate the potential adverse
interactions to appropriate licensee personnel. The licensee is also
required to take appropriate compensatory and mitigative actions to
maintain safety and security consistent with the applicable Commission
requirements. The compensatory and/or mitigative actions taken must be
consistent with existing requirements for the affected activity.
M. Part 73, Appendix B, General Criteria for Protection
The title of this appendix reflects training and qualification
requirements for the members of the security organization and other
facility personnel who perform security related
[[Page 13965]]
duties at a nuclear power reactor facility. The rule requires that
individuals who perform security functions are trained and qualified
prior to performing security-related duties and the training and
qualification is documented.
Part 73, Appendix B, Section VI.A, General Requirements and
Introduction. This paragraph highlights the minimum employment
suitability and training and qualification program requirements for
individuals selected to perform security related functions. All
individuals who perform physical protection and/or contingency response
duties within the security program must meet the minimum training and
qualification requirements for their assigned duties as specified
within this appendix and the Commission approved training and
qualification plan. The word ``individuals'' is used to identify
members of the security organization and those facility personnel who
are assigned to perform physical protection or contingency response
duties within the security program. Facility personnel performing
physical protection duties need only meet the minimum training and
qualification requirements specified within this appendix and the
Commission approved training and qualification plan for the specific
duty assigned. Where requirements under this appendix specifically
apply to members of the security organization the language explicitly
identifies this applicability.
Part 73, Appendix B, Section VI.B, Employment Suitability and
Qualification. This paragraph outlines the minimum criteria that must
be evaluated by licensees for individuals being considered for and
performing security-related duties. The minimum criteria include
education, criminal history, and physical and psychological standards.
The physical standards associated with this paragraph reflect the
basic physical requirements that ensure an individual possesses the
standard acuity levels associated with vision and hearing and that the
individual does not have a medical condition that is detrimental to the
individual's health or the performance of assigned duties. The
standards posed are applicable to all individuals who are assigned to
perform physical protection or contingency response duties within the
security program, to include non-security personnel assigned to perform
physical protection duties (such as vehicle escort or material search).
A licensed medical professional is required to conduct a medical
examination before the assignment of individuals to perform security
duties and/or the physical fitness test being administered.
The physical fitness test, which is required for armed individuals
implementing the contingency response plan, is a performance-based test
that must be designed to demonstrate an individual's physical ability
to perform assigned security duties during contingency events. Before
engaging in the physical fitness test, the individual's current health
status must be verified by the licensee. The licensee is also required
to confirm that there are no existing medical conditions which would be
detrimental to the individual's health when placed under the physical
stress induced by the physical fitness test. The licensed medical
professional provides a certification of the individual's health before
the test, but is not required to administer the physical fitness test
or document or attest to the successful completion of the test.
Scheduling the physical fitness test for each armed individual as soon
as possible after the date of the physical examination required by
paragraph B.2.a(2) minimizes the possibility of the individual
incurring a medical condition from the time of examination to the time
that the physical fitness test is administered.
The Commission recognized that the proposed suitability
requirements for security personnel found in appendix B to part 73,
criterion VI.B.1, were not inclusive of the disqualifying criteria
found under the Gun Control Act of 1968 (GCA) (see 18 U.S.C. 922(g) and
(n)). This section describes a licensee's obligations to take those
prohibitions into account prior to permitting an individual to serve as
an armed security officer.
The rule requires that a qualified training instructor is
responsible for the final documentation of each security critical task
qualification that is performed by individuals who are assigned
physical protection and/or contingency response duties within the
security program. This paragraph also enables members of the security
organization who are medically disqualified from performing contingency
response duties or specific physical protection duties for a period of
time, to perform other physical protection duties that would not be
affected by the medical disqualification.
Part 73, Appendix B, Section VI.C, Duty Training. This paragraph
outlines duty training and on-the-job training requirements and focuses
on the knowledge, skills, and abilities needed by individuals selected
to perform security duties. On the job training for daily security
duties may be conducted as a part of basic qualification training that
provides the individual with the basic knowledge, skills and abilities
of assigned securities duties. In addition to the on-the-job training
previously described, this paragraph describes the development and
implementation of 40 hours of on-the-job training to train the security
force in the response to contingency events. It also captures both the
scope of conducting tactical response drills and force-on-force
exercises as well as the importance of individual performance by the
members of the security response organization. The requirement is added
to ensure that individuals implementing the safeguards contingency plan
possess first-hand knowledge of individual and team response duties in
accordance with the licensee protective strategy.
Part 73, Appendix B, Section VI.C.3, Performance Evaluation
Program. This paragraph outlines the establishment of the performance
evaluation program including individual and group requirements for
security personnel participation. The Commission's intent is that the
licensee's performance evaluation program be evaluated during the
conduct of NRC security baseline inspections including force-on-force
evaluations. The rule allows force-on-force exercises conducted to
satisfy the NRC triennial evaluation requirement to be used to satisfy
the annual force-on-force requirement for the personnel that
participate in the capacity of the security response organization.
Part 73, Appendix B, Section VI.D, Duty Qualification and Re-
qualification. This paragraph outlines the qualification, re-
qualification, and periodicity requirements for armed and unarmed
individuals performing security duties. The rule requires that
qualifications include written exams, hands-on performance
demonstrations, and annual written exams where applicable.
Part 73, Appendix B, Section VI.E, Weapons Training. This paragraph
outlines the requirements for firearms training, firearms instructor
qualifications, firearms familiarization training, training program
elements, deadly force instruction, and weapons training periodicity.
The Commission's intent is to make generically applicable requirements
similar to those that were contained in the 2003 training and
qualification order (EA-03-039) and experience gained through security
program inspections and observations and to apply language consistent
with the professional firearms community more accurately. Additionally,
a list of common firearms practices are provided to ensure appropriate
weapons training
[[Page 13966]]
and qualification, safe handling, and operations are achieved.
Part 73, Appendix B, Section VI.F, Weapons Qualification and
Requalification Program. This paragraph outlines the requirements for
general and tactical weapons qualification, the types of qualification
courses, courses of fire, and firearms requalification. These
requirements are substantially similar to the weapons proficiency
requirements that were stipulated in the 2002 training and
qualification order and the commonly-accepted minimum qualification
scores found in the firearms training community for shotguns, hand
guns, semi-automatic and/or enhanced weapons during both day and night
courses of fire.
Part 73, Appendix B, Section VI.G, Weapons, Personal Equipment, and
Maintenance. This paragraph outlines the weapons, as well as required
and optional personal equipment, for individuals performing security-
related duties. The rule requires that the equipment required by
paragraph G.2.b be readily accessible. The Commission does not intend
that the required equipment necessarily be carried or worn but intends
that it be readily available should the security officer choose to wear
it during a safeguards contingency event. The Commission's intent is
that the optional equipment listed in paragraph G.2.c be considered for
implementation consistent with the licensee's protective strategy. The
paragraph also discusses the weapons maintenance program and certified
armorer requirements. The armorer must be certified by the weapons
manufacturer (or a contractor working on behalf of the manufacturer) to
perform maintenance and repair of licensee firearms. Licensees may use
a manufacturer's armorer and certification process or use a contractor
certified by the manufacturer as an armorer to perform maintenance and
repair of licensee firearms.
Part 73, Appendix B, Section VI.H, Records. This paragraph outlines
the documentation and records retention requirements for security-
related training. The Commission's intent is to be consistent with the
record keeping and documentation requirements set forth in Sec.
73.55(r).
Part 73, Appendix B, Section VI.I, Reviews. This paragraph outlines
the required reviews of security-related training as set forth in Sec.
73.55(n).
Part 73, Appendix B, Section VI.J, Definitions. This paragraph is
consistent with the terms and definitions outlined in parts 50, 70, and
73.
N. Part 73, Appendix C, Section II, Nuclear Power Plant Safeguards
Contingency Plans
This section is revised to address nuclear power reactor safeguards
contingency plan requirements without impacting other licensees who are
also required to maintain safeguards contingency plans (SCP).
Part 73, Appendix C, Section II.A Introduction. This paragraph
describes the content of the SCP for nuclear power reactors. Licensees
must complete the coordination of the predetermined security force
actions and non-security response efforts to ensure that the
predetermined actions of the security force can be effectively
implemented without conflict with the actions of other onsite or
offsite support agencies responding to a safeguards contingency event.
The scope of the SCP is specific to the security organization. However,
the safeguards contingency plan must be integrated with other onsite
and offsite response plans and procedures. It is not the Commission's
intent for the security organization to be responsible for the
integrated response plan but rather to ensure coordination with the
integrated response plan and other licensee organizational elements.
Part 73, Appendix C, Section II.B, Contents of the Plan. This
paragraph specifies the categories of information required in a
safeguards contingency plan to be consistent with and complement the
requirements of Sec. 50.34(d). The intent is to build a common
approach to documenting SCP requirements and to improve the usefulness
and applicability of the SCP, and to ensure that the SCP is coordinated
with non-security response plans. The Commission does not intend that
the SCP include the details of other site plans but rather intends to
ensure that the licensee has considered these other plans and that
potential conflicts have been identified and resolved.
Part 73, Appendix C, Section II.B.1, Background. This category of
information requires licensees to identify perceived dangers, purpose,
scope, and general information in the development and implementation of
the SCP. The intent is to document the types of incidents that the plan
covers, goals and objectives of the plan for each event, the physical
protection elements that support the plan, and the coordination of
response efforts by local law enforcement agencies. The NRC does not
intend to expand the security organization's role or responsibilities
to encompass the functions of other organizational elements. Planning
functions and responsibilities of other licensee organizational
elements are addressed in Sec. Sec. 50.54(gg), 50.47, and part 50,
appendix E.
Part 73, Appendix C, Section II.B.2, Generic Planning Base. This
category of information establishes the criteria for initiating and
terminating responses to safeguards contingency events. The generic
planning base must define specific decisions, actions, expectations,
and supporting information needed to respond to each type of incident.
This requirement focuses on the types of actions or information that
will prompt the licensee to initiate and/or terminate response
activities as a result of an actual or perceived threat to the
facility.
Part 73, Appendix C, Section II.B.3, Licensee Planning Base. This
category of information focuses on factors that affect safeguards
contingency planning specific to each facility. The licensee planning
base must document the site-specific organizational structure of the
security response organization, site physical layout considerations,
safeguards systems, the protective strategy, law enforcement
assistance, policy constraints and assumptions and administrative and
logistical considerations that could have bearing on the implementation
of the licensee's SCP. While implementing details are appropriate for
procedures and need not be included in the SCP, licensees are expected
to provide a sufficient level of detail in the SCP for the information
to be meaningful. Within this category of information, licensees must
document coordination with off-site entities and explain how the level
of protection required by Sec. 73.55(b) during safeguards contingency
events will be maintained. In addition, licensees must ensure that
Sec. 73.58 information regarding safety and security interface is
considered in contingency response planning.
Part 73, Appendix C, Section II.B.4, Responsibility Matrix. This
category of information documents responsibilities and specific actions
to be taken by licensee organizations and/or personnel in response to
safeguards contingency events. The responsibility matrix must document
who will perform what actions and make what decisions during responses
to safeguards contingency events. The licensee SCP's must discuss how
the matrix is incorporated into site implementing procedures.
Part 73, Appendix C, Section II.B.5, Implementing Procedures. This
category of information provides specific guidance and operating
details that identify the actions to be taken and decisions to be made
by each member of the security organization who is assigned duties and
responsibilities required for the effective
[[Page 13967]]
implementation of the SCP. The procedures must reflect detailed
information that supports the implementation of the SCP. The
implementing procedures must contain the tabulated responsibility
matrix that addresses each safeguards contingency event outlined in the
licensee's generic planning base.
Part 73, Appendix C, Section II.C, Records and Reviews. This
category of information requires licensees to maintain records and to
conduct reviews in accordance with the requirements of Sec. 73.55(n).
V. Guidance
The Commission is preparing new regulatory guides that will contain
detailed guidance on the implementation of the rule requirements. These
regulatory guides, currently under development or already issued in
draft form for comment will consolidate and update or eliminate
previous guidance that was used to develop, review, and approve the
power reactor security plans that licensees revised in response to the
post-September 11, 2001, security orders. Development of the regulatory
guides is ongoing and the publication of the final regulatory guides is
planned shortly after the publication of this final rule. Some of these
regulatory guides contain Safeguards Information (SGI) or Official Use
Only--Security Related Information (OUO-SRI) and will only be available
to those individuals with a need-to-know and who are qualified to have
access to SGI or OUO-SRI as applicable. Where appropriate, the
requirements in this final rule are adjusted to account for the lack of
final guidance (e.g., if the guidance is needed to support a licensee
or applicant submittal, then the submittal requirements are adjusted to
account for the lack of final guidance).
VI. Criminal Penalties
For the purposes of Section 223 of the Atomic Energy Act of 1954,
as amended (AEA), the Commission is amending 10 CFR parts 50, 52, 72,
and 73 under Sections 161b, 161i, or 161o of the AEA. Criminal
penalties, as they apply to regulations in part 50, are discussed in
Sec. 50.111. Criminal penalties, as they apply to regulations in part
52, are discussed in Sec. 52.303. Criminal penalties, as they apply to
regulations in part 73, are discussed in Sec. 73.81. The new
Sec. Sec. 50.54(hh), 73.54, and 73.58 are issued under Sections 161b,
161i, or 161o of the AEA, and are not included in Sec. Sec. 50.111,
52.303, and 73.81(b) as applicable.
VII. Availability of Documents
The NRC is making the documents identified below available to
interested persons through one or more of the following methods:
Public Document Room (PDR). The NRC Public Document Room is located
at 11555 Rockville Pike, Rockville, Maryland.
Regulations.gov (Web). These documents may be viewed and downloaded
electronically through the Federal eRulemaking Portal http://
www.Regulations.gov, Dockets NRC-2006-0016 and NRC-2008-0019.
NRC's Electronic Reading Room (ERR). The NRC's public electronic
reading room is located at www.nrc.gov/reading-rm.html.
----------------------------------------------------------------------------------------------------------------
Document PDR Web ERR (ADAMS)
----------------------------------------------------------------------------------------------------------------
Environmental Assessment........................ X X ML081640161
Regulatory Analysis............................. X X ML083390372
Regulatory Analysis--appendices................. X X ML081680090
Information Collection Analysis................. X X ML083530022
Comment Response document....................... X X ML083390333
EA-03-086, ``Revised Design Basis Threat X X ML030740002
Order,'' issued April 29, 2003 (68 FR 24517;
May 7, 2003) [withheld as SGI and not publicly
available.]*.
EA-02-026, (Interim Compensatory Measures (ICM) X X ML020520754
Order, ( issued February 25, 2002 (67 FR 9792;
March 4, 2002) [withheld as SGI and not
publicly available.]*.
EA-02-261, (Issuance of Order for Compensatory X X ML030060360
Measures Related to Access Authorization,
(issued January 7, 2003 (68 FR 1643; January
13, 2003) [withheld as SGI and not publicly
available.]*.
EA-03-039, (Issuance of Order for Compensatory X X ML030980015
Measures Related to Training Enhancements on
Tactical and Firearms Proficiency and Physical
Fitness Applicable to Armed Nuclear Power Plant
Security Force Personnel,'' issued April 29,
2003 (68 FR 24514; May 7, 2003) [withheld as
SGI and not publicly available.]*.
----------------------------------------------------------------------------------------------------------------
* The NRC references these documents only for purposes of the backfitting discussion in this rule.
VIII. Voluntary Consensus Standards
The National Technology Transfer and Advancement Act of 1995,
Public Law 104-113, requires that Federal agencies use technical
standards that are developed or adopted by voluntary consensus
standards bodies unless using such a standard is inconsistent with
applicable law or is otherwise impractical. The NRC is not aware of any
voluntary consensus standard that could be used instead of the
regulatory guidance currently under development. The NRC will consider
using a voluntary consensus standard if an appropriate standard is
identified.
IX. Finding of No Significant Environmental Impact
The Commission has determined under the National Environmental
Policy Act of 1969, as amended, and the Commission's regulations in
Subpart A of 10 CFR part 51, that this rule is not a major Federal
action significantly affecting the quality of the human environment,
and therefore, an environmental impact statement is not required.
The determination of this environmental assessment is that there
will be no significant offsite impact to the public as a result of this
action. The NRC requested comment on the environmental assessment.
There were no comments received. Availability of the environmental
assessment is provided in section VII of this document.
X. Paperwork Reduction Act Statement
This rule imposes new or amended information collection
requirements contained in 10 CFR parts 50, 52, 72, and 73, that are
subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501, et
seq.). These requirements were approved by the Office of Management and
Budget, approval numbers 3150-0011, 3150-0151, 3150-0132, and 3150-
0002.
The burden to the public for these information collections is
estimated to average 4.38 hours per response. This includes the time
for reviewing instructions, searching existing data
[[Page 13968]]
sources, gathering and maintaining the data needed, and completing and
reviewing the information collection. Send comments on any aspect of
these information collections, including suggestions for reducing the
burden, to the Records and FOIA/Privacy Services Branch (T-5-F53), U.S.
Nuclear Regulatory Commission, Washington, DC 20555-0001, or by
Internet electronic mail to [email protected]; and to the
Desk Officer, Office of Information and Regulatory Affairs, NEOB-10202,
(3150-0011; 3150-0151; 3150-0132; and 3150-0002), Office of Management
and Budget, Washington, DC 20503 or by internet electronic mail to
Nathan J. [email protected].
XI. Regulatory Analysis
The Commission has prepared a regulatory analysis of this
regulation. The analysis examines the costs and benefits of the
alternatives considered by the Commission. Availability of the
regulatory analysis is provided in Section VII of this document.
XII. Regulatory Flexibility Certification
In accordance with the Regulatory Flexibility Act (5 U.S.C.
605(b)), the Commission certifies that this rule does not have a
significant economic impact on a substantial number of small entities.
This rule affects only the licensing and operation of nuclear power
plants. The companies that own these plants do not fall within the
scope of the definition of ``small entities'' set forth in the
Regulatory Flexibility Act or the size standards established by the NRC
(10 CFR 2.810).
XIII. Backfit Analysis
With regard to the governing criteria in Sec. 50.109, this
rulemaking contains two different sets of requirements. The first set
of requirements in this rulemaking are requirements similar to those
that were previously imposed under one of the following orders issued
after September 11, 2001:
EA-02-026, ``Interim Compensatory Measures (ICM) Order,''
issued February 25, 2002 (March 4, 2002; 67 FR 9792);
EA-02-261, ``Access Authorization Order,'' issued January
7, 2003 (January 13, 2003; 68 FR 1643);
EA-03-039, ``Security Personnel Training and Qualification
Requirements (Training) Order,'' issued April 29, 2003 (May 7, 2003; 68
FR 24514); and
EA-03-086, ``Revised Design Basis Threat Order,'' issued
April 29, 2003 (May 7, 2003; 68 FR 24517).
For this first set of requirements, the NRC has determined that
they are not backfitting as defined by Sec. 50.109(a)(1), and
therefore, a backfit analysis is unnecessary for these requirements.
Section 50.109(a)(1) defines backfitting as ``the modification or
addition to systems, structures, components or design of a facility * *
* or the procedures or organization required to design, construct or
operate a facility; any of which may result from a new or amended
provision in the Commission rules * * *.'' This first set of
requirements in the final rule contains numerous requirements
substantially similar to those previously imposed by the orders
identified above. In some cases, more specific detail may have been
provided in this final rule for a particular requirement that
corresponds with a requirement that had previously been in an order.
The provisions in this first set impose requirements that are
substantially similar to those previously imposed to current licensees
under the orders and are consistent with the implementing guidance that
has been issued to licensees subsequent to the orders. Therefore, the
first set of requirements do not constitute backfits as defined by the
rule because they would not result in a modification or addition to any
systems, structures, components or design of an affected facility, or
the procedures or organization required to design, construct, or
operate an affected facility. In any event, the Commission has also
determined that the requirements represented in this first set are
those necessary to ensure that these facilities provide adequate
protection to the health and safety of the public and are in accord
with common defense and security. Therefore, no backfit analysis has
been prepared with respect to these requirements.
The second set of requirements in this rulemaking are additions
that do constitute backfits. The NRC evaluated the second set of
requirements in the aggregate in accordance with Sec. 50.109 to
determine if the costs of implementing the rule would be justified by a
substantial increase in public health and safety or common defense and
security. The NRC finds that qualitative safety benefits of the
provisions that qualify as backfits in this rulemaking, considered in
the aggregate, would constitute a substantial increase in protection to
public health and safety and the common defense and security and that
the costs of this rule would be justified in view of the increase in
protection to safety and security provided by the backfits embodied in
the proposed rule. The backfit analysis is contained within section 4.2
of the regulatory analysis. Availability of the regulatory analysis is
provided in section VII of this document.
XIV. Congressional Review Act
Under the Congressional Review Act of 1996, the NRC has determined
that this action is a major rule and has verified this determination
with the Office of Information and Regulatory Affairs of the Office of
Management and Budget.
List of Subjects
10 CFR Part 50
Antitrust, Classified information, Criminal penalties, Fire
protection, Intergovernmental relations, Nuclear power plants and
reactors, Radiation protection, Reactor siting criteria, Reporting and
recordkeeping requirements.
10 CFR Part 52
Administrative practice and procedure, Antitrust, Backfitting,
Combined license, Early site permit, Emergency planning, Fees,
Inspection, Limited work authorization, Nuclear power plants and
reactors, Probabilistic risk assessment, Prototype, Reactor siting
criteria, Redress of site, Reporting and recordkeeping requirements,
Standard design, Standard design certification.
10 CFR Part 72
Administrative practice and procedure, Criminal penalties, Manpower
training programs, Nuclear materials, Occupational safety and health,
Penalties, Radiation protection, Reporting and recordkeeping
requirements, Security measures, Spent fuel, Whistleblowing.
10 CFR Part 73
Criminal penalties, Export, Hazardous materials transportation,
Import, Nuclear materials, Nuclear power plants and reactors, Reporting
and recordkeeping requirements, Security measures.
0
For the reasons set out in the preamble and under the authority of the
AEA, as amended; the Energy Reorganization Act of 1974, as amended; 5
U.S.C. 552 and 5 U.S.C. 553; the NRC is adopting the following
amendments to 10 CFR parts 50, 52, 72, and 73.
[[Page 13969]]
PART 50--DOMESTIC LICENSING OF PRODUCTION AND UTILIZATION
FACILITIES
0
1. The authority citation for part 50 continues to read as follows:
Authority: Secs. 102, 103, 104, 105, 161, 182, 183, 186, 189, 68
Stat. 936, 937, 938, 948, 953, 954, 955, 956, as amended, sec. 234,
83 Stat. 444, as amended (42 U.S.C. 2132, 2133, 2134, 2135, 2201,
2232, 2233, 2236, 2239, 2282); secs. 201, as amended, 202, 206, 88
Stat. 1242, as amended, 1244, 1246 (42 U.S.C. 5841, 5842, 5846);
sec. 1704, 112 Stat. 2750 (44 U.S.C. 3504 note); Energy Policy Act
of 2005, Public Law 109-58, 119 Stat. 194 (2005). Section 50.7 also
issued under Public Law 95-601, sec. 10, 92 Stat. 2951 as amended by
Public Law 102-486, sec. 2902, 106 Stat. 3123 (42 U.S.C. 5841).
Section 50.10 also issued under secs. 101, 185, 68 Stat. 955, as
amended (42 U.S.C. 2131, 2235); sec. 102, Public Law 91-190, 83
Stat. 853 (42 U.S.C. 4332). Sections 50.13, 50.54(dd), and 50.103
also issued under sec. 108, 68 Stat. 939, as amended (42 U.S.C.
2138).
Sections 50.23, 50.35, 50.55, and 50.56 also issued under sec.
185, 68 Stat. 955 (42 U.S.C. 2235). Sections 50.33a, 50.55a and
appendix Q also issued under sec. 102, Public Law 91-190, 83 Stat.
853 (42 U.S.C. 4332). Sections 50.34 and 50.54 also issued under
sec. 204, 88 Stat. 1245 (42 U.S.C. 5844). Sections 50.58, 50.91, and
50.92 also issued under Public Law 97-415, 96 Stat. 2073 (42 U.S.C.
2239). Section 50.78 also issued under sec. 122, 68 Stat. 939 (42
U.S.C. 2152). Sections 50.80-50.81 also issued under sec. 184, 68
Stat. 954, as amended (42 U.S.C. 2234). Appendix F also issued under
sec. 187, 68 Stat. 955 (42 U.S.C. 2237).
0
2. In Sec. 50.34, footnote 9 is removed and reserved, paragraphs (c),
(d) and (e) are revised, and paragraph (i) is added to read as follows:
Sec. 50.34 Contents of construction permit and operating license
applications; technical information.
* * * * *
(c) Physical security plan. (1) Each applicant for an operating
license for a production or utilization facility that will be subject
to Sec. Sec. 73.50 and 73.60 of this chapter must include a physical
security plan.
(2) Each applicant for an operating license for a utilization
facility that will be subject to the requirements of Sec. 73.55 of
this chapter must include a physical security plan, a training and
qualification plan in accordance with the criteria set forth in
appendix B to part 73 of this chapter, and a cyber security plan in
accordance with the criteria set forth in Sec. 73.54 of this chapter.
(3) The physical security plan must describe how the applicant will
meet the requirements of part 73 of this chapter (and part 11 of this
chapter, if applicable, including the identification and description of
jobs as required by Sec. 11.11(a) of this chapter, at the proposed
facility). Security plans must list tests, inspections, audits, and
other means to be used to demonstrate compliance with the requirements
of 10 CFR parts 11 and 73, if applicable.
(d) Safeguards contingency plan. (1) Each application for a license
to operate a production or utilization facility that will be subject to
Sec. Sec. 73.50 and 73.60 of this chapter must include a licensee
safeguards contingency plan in accordance with the criteria set forth
in section I of appendix C to part 73 of this chapter. The
``implementation procedures'' required per section I of appendix C to
part 73 of this chapter do not have to be submitted to the Commission
for approval.
(2) Each application for a license to operate a utilization
facility that will be subject to Sec. 73.55 of this chapter must
include a licensee safeguards contingency plan in accordance with the
criteria set forth in section II of appendix C to part 73 of this
chapter. The ``implementing procedures'' required in section II of
appendix C to part 73 of this chapter do not have to be submitted to
the Commission for approval.
(e) Protection against unauthorized disclosure. Each applicant for
an operating license for a production or utilization facility, who
prepares a physical security plan, a safeguards contingency plan, a
training and qualification plan, or a cyber security plan, shall
protect the plans and other related Safeguards Information against
unauthorized disclosure in accordance with the requirements of Sec.
73.21 of this chapter.
* * * * *
(i) A description and plans for implementation of the guidance and
strategies intended to maintain or restore core cooling, containment,
and spent fuel pool cooling capabilities under the circumstances
associated with the loss of large areas of the plant due to explosions
or fire as required by Sec. 50.54(hh)(2) of this chapter.
0
3. In Sec. 50.54, paragraph (p)(1) is revised and paragraph (hh) is
added to read as follows:
Sec. 50.54 Conditions of licenses.
* * * * *
(p)(1) The licensee shall prepare and maintain safeguards
contingency plan procedures in accordance with appendix C of part 73 of
this chapter for affecting the actions and decisions contained in the
Responsibility Matrix of the safeguards contingency plan. The licensee
may not make a change which would decrease the effectiveness of a
physical security plan, or guard training and qualification plan, or
cyber security plan prepared under Sec. 50.34(c) or Sec. 52.79(a), or
part 73 of this chapter, or of the first four categories of information
(Background, Generic Planning Base, Licensee Planning Base,
Responsibility Matrix) contained in a licensee safeguards contingency
plan prepared under Sec. 50.34(d) or Sec. 52.79(a), or part 73 of
this chapter, as applicable, without prior approval of the Commission.
A licensee desiring to make such a change shall submit an application
for amendment to the licensee's license under Sec. 50.90.
* * * * *
(hh) (1) Each licensee shall develop, implement and maintain
procedures that describe how the licensee will address the following
areas if the licensee is notified of a potential aircraft threat:
(i) Verification of the authenticity of threat notifications;
(ii) Maintenance of continuous communication with threat
notification sources;
(iii) Contacting all onsite personnel and applicable offsite
response organizations;
(iv) Onsite actions necessary to enhance the capability of the
facility to mitigate the consequences of an aircraft impact;
(v) Measures to reduce visual discrimination of the site relative
to its surroundings or individual buildings within the protected area;
(vi) Dispersal of equipment and personnel, as well as rapid entry
into site protected areas for essential onsite personnel and offsite
responders who are necessary to mitigate the event; and
(vii) Recall of site personnel.
(2) Each licensee shall develop and implement guidance and
strategies intended to maintain or restore core cooling, containment,
and spent fuel pool cooling capabilities under the circumstances
associated with loss of large areas of the plant due to explosions or
fire, to include strategies in the following areas:
(i) Fire fighting;
(ii) Operations to mitigate fuel damage; and
(iii) Actions to minimize radiological release.
(3) This section does not apply to a nuclear power plant for which
the certifications required under Sec. 50.82(a) or Sec. 52.110(a)(1)
of this chapter have been submitted.
[[Page 13970]]
PART 52--LICENSES, CERTIFICATIONS, AND APPROVALS FOR NUCLEAR POWER
PLANTS
0
4. The authority citation for part 52 continues to read as follows:
Authority: Secs. 103, 104, 161, 182, 183, 186, 189, 68 Stat.
936, 948, 953, 954, 955, 956, as amended, sec. 234, 83 Stat. 444, as
amended (42 U.S.C. 2133, 2201, 2232, 2233, 2236, 2239, 2282); secs.
201, 202, 206, 88 Stat. 1242, 1244, 1246, as amended (42 U.S.C.
5841, 5842, 5846); sec. 1704, 112 Stat. 2750 (44 U.S.C. 3504 note),
Energy Policy Act of 2005, Public Law No. 109-58, 119 Stat. 594
(2005).
0
5. In Sec. 52.79, paragraphs (a)(36)(iii) and (iv) are redesignated as
paragraphs (a)(36)(iv) and (v), respectively, and revised, and a new
paragraph (a)(36)(iii) is added to read as follows:
Sec. 52.79 Contents of applications; technical information in final
safety analysis report.
(a) * * *
(36) * * *
(iii) A cyber security plan in accordance with the criteria set
forth in Sec. 73.54 of this chapter;
(iv) A description of the implementation of the safeguards
contingency plan, training and qualification plan, and cyber security
plan; and
(v) Each applicant who prepares a physical security plan, a
safeguards contingency plan, a training and qualification plan, or a
cyber security plan, shall protect the plans and other related
Safeguards Information against unauthorized disclosure in accordance
with the requirements of Sec. 73.21 of this chapter.
* * * * *
0
6. In Sec. 52.80, paragraph (d) is added to read as follows:
Sec. 52.80 Contents of applications; additional technical
information.
* * * * *
(d) A description and plans for implementation of the guidance and
strategies intended to maintain or restore core cooling, containment,
and spent fuel pool cooling capabilities under the circumstances
associated with the loss of large areas of the plant due to explosions
or fire as required by Sec. 50.54(hh)(2) of this chapter.
PART 72--LICENSING REQUIREMENTS FOR THE INDEPENDENT STORAGE OF
SPENT NUCLEAR FUEL, HIGH-LEVEL RADIOACTIVE WASTE, AND REACTOR-
RELATED GREATER THAN CLASS C WASTE
0
7. The authority citation for part 72 continues to read as follows:
Authority: Secs. 51, 53, 57, 62, 63, 65, 69, 81, 161, 182, 183,
184, 186, 187, 189, 68 Stat. 929, 930, 932, 933, 934, 935, 948, 953,
954, 955, as amended, sec. 234, 83 Stat. 444, as amended (42 U.S.C.
2071, 2073, 2077, 2092, 2093, 2095, 2099, 2111, 2201, 2232, 2233,
2234, 2236, 2237, 2238, 2282); sec. 274, Public Law 86-373, 73 Stat.
688, as amended (42 U.S.C. 2021); sec. 201, as amended, 202, 206, 88
Stat. 1242, as amended, 1244, 1246 (42 U.S.C. 5841, 5842, 5846);
Public Law 95-601, sec. 10, 92 Stat. 2951 as amended by Public Law
102-486, sec. 7902, 106 Stat. 3123 (42 U.S.C. 5851); sec. 102,
Public Law 91-190, 83 Stat. 853 (42 U.S.C. 4332); secs. 131, 132,
133, 135, 137, 141, Public Law 97-425, 96 Stat. 2229, 2230, 2232,
2241, sec. 148, Public Law 100-203, 101 Stat. 1330-235 (42 U.S.C.
10151, 10152, 10153, 10155, 10157, 10161, 10168); sec. 1704, 112
Stat. 2750 (44 U.S.C. 3504 note); Energy Policy Act of 2005, Public
Law 109-58, 119 Stat. 549 (2005).
Section 72.44(g) also issued under secs. 142(b) and 148(c), (d),
Public Law 100-203, 101 Stat. 1330-232, 1330-236 (42 U.S.C.
10162(b), 10168(c), (d)). Section 72.46 also issued under sec. 189,
68 Stat. 955 (42 U.S.C. 2239); sec. 134, Public Law 97-425, 96 Stat.
2230 (42 U.S.C. 10154). Section 72.96(d) also issued under sec.
145(g), Public Law 100-203, 101 Stat. 1330-235 (42 U.S.C. 10165(g)).
Subpart J also issued under secs. 2(2), 2(15), 2(19), 117(a),
141(h), Public Law 97-425, 96 Stat. 2202, 2203, 2204, 2222, 2224 (42
U.S.C. 10101, 10137(a), 10161(h)).
Subparts K and L are also issued under sec. 133, 98 Stat. 2230
(42 U.S.C. 10153) and sec. 218(a), 96 Stat. 2252 (42 U.S.C. 10198).
0
8. In Sec. 72.212, paragraphs (b)(5)(ii), (b)(5(iii), (b)(5)(iv), and
(b)(5)(v) are revised to read as follows:
Sec. 72.212 Conditions of general license issued under Sec. 72.210.
* * * * *
(b) * * *
(5) * * *
(ii) Storage of spent fuel must be within a protected area, in
accordance with Sec. 73.55(e) of this chapter, but need not be within
a separate vital area. Existing protected areas may be expanded or new
protected areas added for the purpose of storage of spent fuel in
accordance with this general license.
(iii) For purposes of this general license, personnel searches
required by Sec. 73.55(h) of this chapter before admission to a new
protected area may be performed by physical pat-down searches of
persons in lieu of firearms and explosives detection equipment.
(iv) The observational capability required by Sec. 73.55(i)(3) of
this chapter as applied to a new protected area may be provided by a
guard or watchman on patrol in lieu of video surveillance technology.
(v) For the purpose of this general license, the licensee is exempt
from requirements to interdict and neutralize threats in Sec. 73.55 of
this chapter.
* * * * *
PART 73--PHYSICAL PROTECTION OF PLANTS AND MATERIALS
0
9. The authority citation for part 73 continues to read as follows:
Authority: Secs. 53, 161, 149, 68 Stat. 930, 948, as amended,
sec. 147, 94 Stat. 780 (42 U.S.C. 2073, 2167, 2169, 2201): sec. 201,
as amended, 204, 88 Stat. 1242, as amended, 1245, sec. 1701, 106
Stat. 2951, 2952, 2953 (42 U.S.C. 5841, 5844, 2297f); sec.1704, 112
Stat. 2750 (44 U.S.C. 3504 note): Energy Policy Act of 2005, Public
Law 109-58, 119 Stat. 594 (2005).
Section 73.1 also issued under sec. 135, 141, Public Law 97-425,
96 Stat. 2232, 2241 (42 U.S.C, 10155, 10161). Section 73.37(f) also
issued under sec. 301, Public Law 96-295, 94 Stat.789 (42 U.S.C.
5841 note). Section 73.57 is issued under sec. 606, Public Law 99-
399, 100 Stat. 876 (42 U.S.C. 2169).
0
10. In Sec. 73.8, paragraph (b) is revised and paragraph (c) is added
to read as follows:
Sec. 73.8 Information collection requirements: OMB approval.
* * * * *
(b) The approved information collection requirements contained in
this part appear in Sec. Sec. 73.5, 73.20, 73.21, 73.24, 73.25, 73.26,
73.27, 73.37, 73.40, 73.45, 73.46, 73.50, 73.54, 73.55, 73.56, 73.57,
73.58, 73.60, 73.67, 73.70, 73.71, 73.72, 73.73, 73.74, and Appendices
B, C, and G to this part.
(c) This part contains information collection requirements in
addition to those approved under the control number specified in
paragraph (a) of this section. The information collection requirement
and the control numbers under which it is approved are as follows:
(1) In Sec. 73.71, NRC Form 366 is approved under control number
3150-0104.
(2) [Reserved]
0
11. Section 73.54 is added to read as follows:
Sec. 73.54 Protection of digital computer and communication systems
and networks.
By November 23, 2009 each licensee currently licensed to operate a
nuclear power plant under part 50 of this chapter shall submit, as
specified in Sec. 50.4 and Sec. 50.90 of this chapter, a cyber
security plan that satisfies the requirements of this section for
Commission review and approval. Each submittal must include a proposed
implementation schedule. Implementation of the licensee's cyber
security program must be consistent with the approved schedule. Current
applicants for an operating license or combined license who have
submitted their applications to the Commission prior to the effective
date of this rule
[[Page 13971]]
must amend their applications to include a cyber security plan
consistent with this section.
(a) Each licensee subject to the requirements of this section shall
provide high assurance that digital computer and communication systems
and networks are adequately protected against cyber attacks, up to and
including the design basis threat as described in Sec. 73.1.
(1) The licensee shall protect digital computer and communication
systems and networks associated with:
(i) Safety-related and important-to-safety functions;
(ii) Security functions;
(iii) Emergency preparedness functions, including offsite
communications; and
(iv) Support systems and equipment which, if compromised, would
adversely impact safety, security, or emergency preparedness functions.
(2) The licensee shall protect the systems and networks identified
in paragraph (a)(1) of this section from cyber attacks that would:
(i) Adversely impact the integrity or confidentiality of data and/
or software;
(ii) Deny access to systems, services, and/or data; and
(iii) Adversely impact the operation of systems, networks, and
associated equipment.
(b) To accomplish this, the licensee shall:
(1) Analyze digital computer and communication systems and networks
and identify those assets that must be protected against cyber attacks
to satisfy paragraph (a) of this section,
(2) Establish, implement, and maintain a cyber security program for
the protection of the assets identified in paragraph (b)(1) of this
section; and
(3) Incorporate the cyber security program as a component of the
physical protection program.
(c) The cyber security program must be designed to:
(1) Implement security controls to protect the assets identified by
paragraph (b)(1) of this section from cyber attacks;
(2) Apply and maintain defense-in-depth protective strategies to
ensure the capability to detect, respond to, and recover from cyber
attacks;
(3) Mitigate the adverse affects of cyber attacks; and
(4) Ensure that the functions of protected assets identified by
paragraph (b)(1) of this section are not adversely impacted due to
cyber attacks.
(d) As part of the cyber security program, the licensee shall:
(1) Ensure that appropriate facility personnel, including
contractors, are aware of cyber security requirements and receive the
training necessary to perform their assigned duties and
responsibilities.
(2) Evaluate and manage cyber risks.
(3) Ensure that modifications to assets, identified by paragraph
(b)(1) of this section, are evaluated before implementation to ensure
that the cyber security performance objectives identified in paragraph
(a)(1) of this section are maintained.
(e) The licensee shall establish, implement, and maintain a cyber
security plan that implements the cyber security program requirements
of this section.
(1) The cyber security plan must describe how the requirements of
this section will be implemented and must account for the site-specific
conditions that affect implementation.
(2) The cyber security plan must include measures for incident
response and recovery for cyber attacks. The cyber security plan must
describe how the licensee will:
(i) Maintain the capability for timely detection and response to
cyber attacks;
(ii) Mitigate the consequences of cyber attacks;
(iii) Correct exploited vulnerabilities; and
(iv) Restore affected systems, networks, and/or equipment affected
by cyber attacks.
(f) The licensee shall develop and maintain written policies and
implementing procedures to implement the cyber security plan. Policies,
implementing procedures, site-specific analysis, and other supporting
technical information used by the licensee need not be submitted for
Commission review and approval as part of the cyber security plan but
are subject to inspection by NRC staff on a periodic basis.
(g) The licensee shall review the cyber security program as a
component of the physical security program in accordance with the
requirements of Sec. 73.55(m), including the periodicity requirements.
(h) The licensee shall retain all records and supporting technical
documentation required to satisfy the requirements of this section as a
record until the Commission terminates the license for which the
records were developed, and shall maintain superseded portions of these
records for at least three (3) years after the record is superseded,
unless otherwise specified by the Commission.
0
12. Section 73.55 is revised to read as follows:
Sec. 73.55 Requirements for physical protection of licensed
activities in nuclear power reactors against radiological sabotage.
(a) Introduction. (1) By March 31, 2010, each nuclear power reactor
licensee, licensed under 10 CFR part 50, shall implement the
requirements of this section through its Commission-approved Physical
Security Plan, Training and Qualification Plan, Safeguards Contingency
Plan, and Cyber Security Plan referred to collectively hereafter as
``security plans.'' Current applicants for an operating license under
10 CFR part 50, or combined license under 10 CFR part 52 who have
submitted their applications to the Commission prior to the effective
date of this rule must amend their applications to include security
plans consistent with this section.
(2) The security plans must identify, describe, and account for
site-specific conditions that affect the licensee's capability to
satisfy the requirements of this section.
(3) The licensee is responsible for maintaining the onsite physical
protection program in accordance with Commission regulations through
the implementation of security plans and written security implementing
procedures.
(4) Applicants for an operating license under the provisions of
part 50 of this chapter or holders of a combined license under the
provisions of part 52 of this chapter, shall implement the requirements
of this section before fuel is allowed onsite (protected area).
(5) The Tennessee Valley Authority Watts Bar Nuclear Plant, Unit 2,
holding a current construction permit under the provisions of part 50
of this chapter, shall meet the revised requirements in paragraphs (a)
through (r) of this section as applicable to operating nuclear power
reactor facilities.
(6) Applicants for an operating license under the provisions of
part 50 of this chapter, or holders of a combined license under the
provisions of part 52 of this chapter that do not reference a standard
design certification or reference a standard design certification
issued after May 26, 2009 shall meet the requirement of Sec.
73.55(i)(4)(iii).
(b) General performance objective and requirements. (1) The
licensee shall establish and maintain a physical protection program, to
include a security organization, which will have as its objective to
provide high assurance that activities involving special nuclear
material are not inimical to the common defense and security and do not
constitute an unreasonable risk to the public health and safety.
[[Page 13972]]
(2) To satisfy the general performance objective of paragraph
(b)(1) of this section, the physical protection program must protect
against the design basis threat of radiological sabotage as stated in
Sec. 73.1.
(3) The physical protection program must be designed to prevent
significant core damage and spent fuel sabotage. Specifically, the
program must:
(i) Ensure that the capabilities to detect, assess, interdict, and
neutralize threats up to and including the design basis threat of
radiological sabotage as stated in Sec. 73.1, are maintained at all
times.
(ii) Provide defense-in-depth through the integration of systems,
technologies, programs, equipment, supporting processes, and
implementing procedures as needed to ensure the effectiveness of the
physical protection program.
(4) The licensee shall analyze and identify site-specific
conditions, including target sets, that may affect the specific
measures needed to implement the requirements of this section and shall
account for these conditions in the design of the physical protection
program.
(5) Upon the request of an authorized representative of the
Commission, the licensee shall demonstrate the ability to meet
Commission requirements through the implementation of the physical
protection program, including the ability of armed and unarmed
personnel to perform assigned duties and responsibilities required by
the security plans and licensee procedures.
(6) The licensee shall establish, maintain, and implement a
performance evaluation program in accordance with appendix B to this
part, to demonstrate and assess the effectiveness of armed responders
and armed security officers to implement the licensee's protective
strategy.
(7) The licensee shall establish, maintain, and implement an access
authorization program in accordance with Sec. 73.56 and shall describe
the program in the Physical Security Plan.
(8) The licensee shall establish, maintain, and implement a cyber
security program in accordance with Sec. 73.54.
(9) The licensee shall establish, maintain, and implement an
insider mitigation program and shall describe the program in the
Physical Security Plan.
(i) The insider mitigation program must monitor the initial and
continuing trustworthiness and reliability of individuals granted or
retaining unescorted access authorization to a protected or vital area,
and implement defense-in-depth methodologies to minimize the potential
for an insider to adversely affect, either directly or indirectly, the
licensee's capability to prevent significant core damage and spent fuel
sabotage.
(ii) The insider mitigation program must contain elements from:
(A) The access authorization program described in Sec. 73.56;
(B) The fitness-for-duty program described in part 26 of this
chapter;
(C) The cyber security program described in Sec. 73.54; and
(D) The physical protection program described in this section.
(10) The licensee shall use the site corrective action program to
track, trend, correct and prevent recurrence of failures and
deficiencies in the physical protection program.
(11) Implementation of security plans and associated procedures
must be coordinated with other onsite plans and procedures to preclude
conflict during both normal and emergency conditions.
(c) Security plans. (1) Licensee security plans must describe:
(i) How the licensee will implement requirements of this section
through the establishment and maintenance of a security organization,
the use of security equipment and technology, the training and
qualification of security personnel, the implementation of
predetermined response plans and strategies, and the protection of
digital computer and communication systems and networks.
(ii) Site-specific conditions that affect how the licensee
implements Commission requirements.
(2) Protection of Security Plans. The licensee shall protect the
security plans and other security-related information against
unauthorized disclosure in accordance with the requirements of Sec.
73.21.
(3) Physical Security Plan. The licensee shall establish, maintain,
and implement a Physical Security Plan which describes how the
performance objective and requirements set forth in this section will
be implemented.
(4) Training and Qualification Plan. The licensee shall establish,
maintain, and implement, and follow a Training and Qualification Plan
that describes how the criteria set forth in appendix B, to this part,
``General Criteria for Security Personnel,'' will be implemented.
(5) Safeguards Contingency Plan. The licensee shall establish,
maintain, and implement a Safeguards Contingency Plan that describes
how the criteria set forth in appendix C, to this part, ``Licensee
Safeguards Contingency Plans,'' will be implemented.
(6) Cyber Security Plan. The licensee shall establish, maintain,
and implement a Cyber Security Plan that describes how the criteria set
forth in Sec. 73.54 ``Protection of Digital Computer and Communication
systems and Networks'' of this part will be implemented.
(7) Security implementing procedures.
(i) The licensee shall have a management system to provide for the
development, implementation, revision, and oversight of security
procedures that implement Commission requirements and the security
plans.
(ii) Implementing procedures must document the structure of the
security organization and detail the types of duties, responsibilities,
actions, and decisions to be performed or made by each position of the
security organization.
(iii) The licensee shall:
(A) Provide a process for the written approval of implementing
procedures and revisions by the individual with overall responsibility
for the security program.
(B) Ensure that revisions to security implementing procedures
satisfy the requirements of this section.
(iv) Implementing procedures need not be submitted to the
Commission for approval, but are subject to inspection by the
Commission.
(d) Security organization. (1) The licensee shall establish and
maintain a security organization that is designed, staffed, trained,
qualified, and equipped to implement the physical protection program in
accordance with the requirements of this section.
(2) The security organization must include:
(i) A management system that provides oversight of the onsite
physical protection program.
(ii) At least one member, onsite and available at all times, who
has the authority to direct the activities of the security organization
and who is assigned no other duties that would interfere with this
individual's ability to perform these duties in accordance with the
security plans and the licensee protective strategy.
(3) The licensee may not permit any individual to implement any
part of the physical protection program unless the individual has been
trained, equipped, and qualified to perform their assigned duties and
responsibilities in accordance with appendix B to this part and the
Training and Qualification Plan. Non-security personnel may be assigned
duties and responsibilities required to implement the physical
protection program and shall:
[[Page 13973]]
(i) Be trained through established licensee training programs to
ensure each individual is trained, qualified, and periodically re-
qualified to perform assigned duties.
(ii) Be properly equipped to perform assigned duties.
(iii) Possess the knowledge, skills, and abilities, to include
physical attributes such as sight and hearing, required to perform
their assigned duties and responsibilities.
(e) Physical barriers. Each licensee shall identify and analyze
site-specific conditions to determine the specific use, type, function,
and placement of physical barriers needed to satisfy the physical
protection program design requirements of Sec. 73.55(b).
(1) The licensee shall:
(i) Design, construct, install and maintain physical barriers as
necessary to control access into facility areas for which access must
be controlled or denied to satisfy the physical protection program
design requirements of paragraph (b) of this section.
(ii) Describe in the security plan, physical barriers, barrier
systems, and their functions within the physical protection program.
(2) The licensee shall retain, in accordance with Sec. 73.70, all
analyses and descriptions of the physical barriers and barrier systems
used to satisfy the requirements of this section, and shall protect
these records in accordance with the requirements of Sec. 73.21.
(3) Physical barriers must:
(i) Be designed and constructed to:
(A) Protect against the design basis threat of radiological
sabotage;
(B) Account for site-specific conditions; and
(C) Perform their required function in support of the licensee
physical protection program.
(ii) Provide deterrence, delay, or support access control.
(iii) Support effective implementation of the licensee's protective
strategy.
(4) Consistent with the stated function to be performed, openings
in any barrier or barrier system established to meet the requirements
of this section must be secured and monitored to prevent exploitation
of the opening.
(5) Bullet Resisting Physical Barriers. The reactor control room,
the central alarm station, and the location within which the last
access control function for access to the protected area is performed,
must be bullet-resisting.
(6) Owner controlled area. The licensee shall establish and
maintain physical barriers in the owner controlled area as needed to
satisfy the physical protection program design requirements of Sec.
73.55(b).
(7) Isolation zone.
(i) An isolation zone must be maintained in outdoor areas adjacent
to the protected area perimeter barrier. The isolation zone shall be:
(A) Designed and of sufficient size to permit observation and
assessment of activities on either side of the protected area barrier;
(B) Monitored with intrusion detection equipment designed to
satisfy the requirements of Sec. 73.55(i) and be capable of detecting
both attempted and actual penetration of the protected area perimeter
barrier before completed penetration of the protected area perimeter
barrier; and
(C) Monitored with assessment equipment designed to satisfy the
requirements of Sec. 73.55(i) and provide real-time and play-back/
recorded video images of the detected activities before and after each
alarm annunciation.
(ii) Obstructions that could prevent the licensee's capability to
meet the observation and assessment requirements of this section must
be located outside of the isolation zone.
(8) Protected area.
(i) The protected area perimeter must be protected by physical
barriers that are designed and constructed to:
(A) Limit access into the protected area to only those personnel,
vehicles, and materials required to perform official duties;
(B) Channel personnel, vehicles, and materials to designated access
control portals; and
(C) Be separated from any other barrier designated as a vital area
physical barrier, unless otherwise identified in the Physical Security
Plan.
(ii) Penetrations through the protected area barrier must be
secured and monitored in a manner that prevents or delays, and detects
the exploitation of any penetration.
(iii) All emergency exits in the protected area must be alarmed and
secured by locking devices that allow prompt egress during an emergency
and satisfy the requirements of this section for access control into
the protected area.
(iv) Where building walls or roofs comprise a portion of the
protected area perimeter barrier, an isolation zone is not necessary
provided that the detection and, assessment requirements of this
section are met, appropriate barriers are installed, and the area is
described in the security plans.
(v) All exterior areas within the protected area, except for areas
that must be excluded for safety reasons, must be periodically checked
to detect and deter unauthorized personnel, vehicles, and materials.
(9) Vital areas.
(i) Vital equipment must be located only within vital areas, which
must be located within a protected area so that access to vital
equipment requires passage through at least two physical barriers,
except as otherwise approved by the Commission and identified in the
security plans.
(ii) The licensee shall protect all vital area access portals and
vital area emergency exits with intrusion detection equipment and
locking devices that allow rapid egress during an emergency and satisfy
the vital area entry control requirements of this section.
(iii) Unoccupied vital areas must be locked and alarmed.
(iv) More than one vital area may be located within a single
protected area.
(v) At a minimum, the following shall be considered vital areas:
(A) The reactor control room;
(B) The spent fuel pool;
(C) The central alarm station; and
(D) The secondary alarm station in accordance with Sec.
73.55(i)(4)(iii).
(vi) At a minimum, the following shall be located within a vital
area:
(A) The secondary power supply systems for alarm annunciation
equipment; and
(B) The secondary power supply systems for non-portable
communications equipment.
(10) Vehicle control measures. Consistent with the physical
protection program design requirements of Sec. 73.55(b), and in
accordance with the site-specific analysis, the licensee shall
establish and maintain vehicle control measures, as necessary, to
protect against the design basis threat of radiological sabotage
vehicle bomb assault.
(i) Land vehicles. Licensees shall:
(A) Design, construct, install, and maintain a vehicle barrier
system, to include passive and active barriers, at a stand-off distance
adequate to protect personnel, equipment, and systems necessary to
prevent significant core damage and spent fuel sabotage against the
effects of the design basis threat of radiological sabotage land
vehicle bomb assault.
(B) Periodically check the operation of active vehicle barriers and
provide a secondary power source, or a means of mechanical or manual
operation in the event of a power failure, to ensure that the active
barrier can be placed in the denial position to prevent unauthorized
vehicle access beyond the required standoff distance.
(C) Provide periodic surveillance and observation of vehicle
barriers and barrier systems adequate to detect
[[Page 13974]]
indications of tampering and degradation or to otherwise ensure that
each vehicle barrier and barrier system is able to satisfy the intended
function.
(D) Where a site has rail access to the protected area, install a
train derailer, remove a section of track, or restrict access to
railroad sidings and provide periodic surveillance of these measures.
(ii) Waterborne vehicles. Licensees shall:
(A) Identify areas from which a waterborne vehicle must be
restricted, and where possible, in coordination with local, State, and
Federal agencies having jurisdiction over waterway approaches, deploy
buoys, markers, or other equipment.
(B) In accordance with the site-specific analysis, provide periodic
surveillance and observation of waterway approaches and adjacent areas.
(f) Target sets. (1) The licensee shall document and maintain the
process used to develop and identify target sets, to include the site-
specific analyses and methodologies used to determine and group the
target set equipment or elements.
(2) The licensee shall consider cyber attacks in the development
and identification of target sets.
(3) Target set equipment or elements that are not contained within
a protected or vital area must be identified and documented consistent
with the requirements in Sec. 73.55(f)(1) and be accounted for in the
licensee's protective strategy.
(4) The licensee shall implement a process for the oversight of
target set equipment and systems to ensure that changes to the
configuration of the identified equipment and systems are considered in
the licensee's protective strategy. Where appropriate, changes must be
made to documented target sets.
(g) Access controls. (1) Consistent with the function of each
barrier or barrier system, the licensee shall control personnel,
vehicle, and material access, as applicable, at each access control
point in accordance with the physical protection program design
requirements of Sec. 73.55(b).
(i) To accomplish this, the licensee shall:
(A) Locate access control portals outside of, or concurrent with,
the physical barrier system through which it controls access.
(B) Equip access control portals with locking devices, intrusion
detection equipment, and surveillance equipment consistent with the
intended function.
(C) Provide supervision and control over the badging process to
prevent unauthorized bypass of access control equipment located at or
outside of the protected area.
(D) Limit unescorted access to the protected area and vital areas,
during non-emergency conditions, to only those individuals who require
unescorted access to perform assigned duties and responsibilities.
(E) Assign an individual the responsibility for the last access
control function (controlling admission to the protected area) and
isolate the individual within a bullet-resisting structure to assure
the ability of the individual to respond or summon assistance.
(ii) Where vehicle barriers are established, the licensee shall:
(A) Physically control vehicle barrier portals to ensure only
authorized vehicles are granted access through the barrier.
(B) Search vehicles and materials for contraband or other items
which could be used to commit radiological sabotage in accordance with
paragraph (h) of this section.
(C) Observe search functions to ensure a response can be initiated
if needed.
(2) Before granting access into the protected area, the licensee
shall:
(i) Confirm the identity of individuals.
(ii) Verify the authorization for access of individuals, vehicles,
and materials.
(iii) Confirm, in accordance with industry shared lists and
databases that individuals are not currently denied access to another
licensed facility.
(iv) Search individuals, vehicles, and materials in accordance with
paragraph (h) of this section.
(3) Vehicles in the protected area.
(i) The licensee shall exercise control over all vehicles inside
the protected area to ensure that they are used only by authorized
persons and for authorized purposes.
(ii) Vehicles inside the protected area must be operated by an
individual authorized unescorted access to the area, or must be
escorted by an individual as required by paragraph (g)(8) of this
section.
(iii) Vehicle use inside the protected area must be limited to
plant functions or emergencies, and keys must be removed or the vehicle
otherwise disabled when not in use.
(iv) Vehicles transporting hazardous materials inside the protected
area must be escorted by an armed member of the security organization.
(4) Vital Areas.
(i) Licensees shall control access into vital areas consistent with
access authorization lists.
(ii) In response to a site-specific credible threat or other
credible information, implement a two-person (line-of-sight) rule for
all personnel in vital areas so that no one individual is permitted
access to a vital area.
(5) Emergency conditions.
(i) The licensee shall design the access control system to
accommodate the potential need for rapid ingress or egress of
authorized individuals during emergency conditions or situations that
could lead to emergency conditions.
(ii) To satisfy the design criteria of paragraph (g)(5)(i) of this
section during emergency conditions, the licensee shall implement
security procedures to ensure that authorized emergency personnel are
provided prompt access to affected areas and equipment.
(6) Access control devices.
(i) The licensee shall control all keys, locks, combinations,
passwords and related access control devices used to control access to
protected areas, vital areas and security systems to reduce the
probability of compromise. To accomplish this, the licensee shall:
(A) Issue access control devices only to individuals who have
unescorted access authorization and require access to perform official
duties and responsibilities.
(B) Maintain a record, to include name and affiliation, of all
individuals to whom access control devices have been issued, and
implement a process to account for access control devices at least
annually.
(C) Implement compensatory measures upon discovery or suspicion
that any access control device may have been compromised. Compensatory
measures must remain in effect until the compromise is corrected.
(D) Retrieve, change, rotate, deactivate, or otherwise disable
access control devices that have been or may have been compromised or
when a person with access to control devices has been terminated under
less than favorable conditions.
(ii) The licensee shall implement a numbered photo identification
badge system for all individuals authorized unescorted access to the
protected area and vital areas.
(A) Identification badges may be removed from the protected area
only when measures are in place to confirm the true identity and
authorization for unescorted access of the badge holder before allowing
unescorted access to the protected area.
(B) Except where operational safety concerns require otherwise,
identification badges must be clearly displayed by all individuals
while inside the protected area and vital areas.
(C) The licensee shall maintain a record, to include the name and
areas to which unescorted access is granted, of
[[Page 13975]]
all individuals to whom photo identification badges have been issued.
(iii) Access authorization program personnel shall be issued
passwords and combinations to perform their assigned duties and may be
excepted from the requirement of paragraph (g)(6)(i)(A) of this section
provided they meet the background requirements of Sec. 73.56.
(7) Visitors.
(i) The licensee may permit escorted access to protected and vital
areas to individuals who have not been granted unescorted access in
accordance with the requirements of Sec. 73.56 and part 26 of this
chapter. The licensee shall:
(A) Implement procedures for processing, escorting, and controlling
visitors.
(B) Confirm the identity of each visitor through physical
presentation of a recognized identification card issued by a local,
State, or Federal government agency that includes a photo or contains
physical characteristics of the individual requesting escorted access.
(C) Maintain a visitor control register in which all visitors shall
register their name, date, time, purpose of visit, employment
affiliation, citizenship, and name of the individual to be visited
before being escorted into any protected or vital area.
(D) Issue a visitor badge to all visitors that clearly indicates an
escort is required.
(E) Escort all visitors, at all times, while inside the protected
area and vital areas.
(F) Deny escorted access to any individual who is currently denied
access in industry shared data bases.
(ii) Individuals not employed by the licensee but who require
frequent or extended unescorted access to the protected area and/or
vital areas to perform duties and responsibilities required by the
licensee at irregular or intermittent intervals, shall satisfy the
access authorization requirements of Sec. 73.56 and part 26 of this
chapter, and shall be issued a non-employee photo identification badge
that is easily distinguished from other identification badges before
being allowed unescorted access to the protected and vital areas. Non-
employee photo identification badges must visually reflect that the
individual is a non-employee and that no escort is required.
(8) Escorts. The licensee shall ensure that all escorts are trained
to perform escort duties in accordance with the requirements of this
section and site training requirements.
(i) Escorts shall be authorized unescorted access to all areas in
which they will perform escort duties.
(ii) Individuals assigned to visitor escort duties shall be
provided a means of timely communication with security personnel to
summon assistance when needed.
(iii) Individuals assigned to vehicle escort duties shall be
trained and qualified in accordance with appendix B of this part and
provided a means of continuous communication with security personnel to
ensure the ability to summon assistance when needed.
(iv) When visitors are performing work, escorts shall be generally
knowledgeable of the activities to be performed by the visitor and
report behaviors or activities that may constitute an unreasonable risk
to the health and safety of the public and common defense and security,
including a potential threat to commit radiological sabotage,
consistent with Sec. 73.56(f)(1).
(v) Each licensee shall describe visitor to escort ratios for the
protected area and vital areas in physical security plans. Implementing
procedures shall provide necessary observation and control requirements
for all visitor activities.
(h) Search programs. (1) The objective of the search program is to
detect, deter, and prevent the introduction of firearms, explosives,
incendiary devices, or other items which could be used to commit
radiological sabotage. To accomplish this the licensee shall search
individuals, vehicles, and materials consistent with the physical
protection program design requirements in paragraph (b) of this
section, and the function to be performed at each access control point
or portal before granting access.
(2) Owner controlled area searches.
(i) Where the licensee has established physical barriers in the
owner controlled area, the licensee shall implement search procedures
for access control points in the barrier.
(ii) For each vehicle access control point, the licensee shall
describe in implementing procedures areas of a vehicle to be searched,
and the items for which the search is intended to detect and prevent
access. Areas of the vehicle to be searched must include, but are not
limited to, the cab, engine compartment, undercarriage, and cargo area.
(iii) Vehicle searches must be performed by at least two (2)
trained and equipped security personnel, one of which must be armed.
The armed individual shall be positioned to observe the search process
and provide immediate response.
(iv) Vehicle searches must be accomplished through the use of
equipment capable of detecting firearms, explosives, incendiary
devices, or other items which could be used to commit radiological
sabotage, or through visual and physical searches, or both, to ensure
that all items are identified before granting access.
(v) Vehicle access control points must be equipped with video
surveillance equipment that is monitored by an individual capable of
initiating a response.
(3) Protected area searches. Licensees shall search all personnel,
vehicles and materials requesting access to protected areas.
(i) The search for firearms, explosives, incendiary devices, or
other items which could be used to commit radiological sabotage shall
be accomplished through the use of equipment capable of detecting these
items, or through visual and physical searches, or both, to ensure that
all items are clearly identified before granting access to protected
areas. The licensee shall subject all persons except official Federal,
state, and local law enforcement personnel on official duty to these
searches upon entry to the protected area. Armed security officers who
are on duty and have exited the protected area may re-enter the
protected area without being searched for firearms.
(ii) Whenever search equipment is out of service, is not operating
satisfactorily, or cannot be used effectively to search individuals,
vehicles, or materials, a visual and physical search shall be
conducted.
(iii) When an attempt to introduce firearms, explosives, incendiary
devices, or other items which could be used to commit radiological
sabotage has occurred or is suspected, the licensee shall implement
actions to ensure that the suspect individuals, vehicles, and materials
are denied access and shall perform a visual and physical search to
determine the absence or existence of a threat.
(iv) For each vehicle access portal, the licensee shall describe in
implementing procedures areas of a vehicle to be searched before access
is granted. Areas of the vehicle to be searched must include, but are
not limited to, the cab, engine compartment, undercarriage, and cargo
area.
(v) Exceptions to the protected area search requirements for
materials may be granted for safety or operational reasons provided the
design criteria of Sec. 73.55(b) are satisfied, the materials are
clearly identified, the types of exceptions to be granted are described
in the security plans, and the specific security measures to be
implemented for
[[Page 13976]]
excepted items are detailed in site procedures.
(vi) To the extent practicable, excepted materials must be
positively controlled, stored in a locked area, and opened at the final
destination by an individual familiar with the items.
(vii) Bulk material excepted from the protected area search
requirements must be escorted by an armed member of the security
organization to its final destination or to a receiving area where the
excepted items are offloaded and verified.
(viii) To the extent practicable, bulk materials excepted from
search shall not be offloaded adjacent to a vital area.
(i) Detection and assessment systems. (1) The licensee shall
establish and maintain intrusion detection and assessment systems that
satisfy the design requirements of Sec. 73.55(b) and provide, at all
times, the capability to detect and assess unauthorized persons and
facilitate the effective implementation of the licensee's protective
strategy.
(2) Intrusion detection equipment must annunciate and video
assessment equipment shall display concurrently, in at least two
continuously staffed onsite alarm stations, at least one of which must
be protected in accordance with the requirements of the central alarm
station within this section.
(3) The licensee's intrusion detection and assessment systems must
be designed to:
(i) Provide visual and audible annunciation of the alarm.
(ii) Provide a visual display from which assessment of the detected
activity can be made.
(iii) Ensure that annunciation of an alarm indicates the type and
location of the alarm.
(iv) Ensure that alarm devices to include transmission lines to
annunciators are tamper indicating and self-checking.
(v) Provide an automatic indication when the alarm system or a
component of the alarm system fails, or when the system is operating on
the backup power supply.
(vi) Support the initiation of a timely response in accordance with
the security plans, licensee protective strategy, and associated
implementing procedures.
(vii) Ensure intrusion detection and assessment equipment at the
protected area perimeter remains operable from an uninterruptible power
supply in the event of the loss of normal power.
(4) Alarm stations.
(i) Both alarm stations required by paragraph (i)(2) of this
section must be designed and equipped to ensure that a single act, in
accordance with the design basis threat of radiological sabotage
defined in Sec. 73.1(a)(1), cannot disable both alarm stations. The
licensee shall ensure the survivability of at least one alarm station
to maintain the ability to perform the following functions:
(A) Detect and assess alarms;
(B) Initiate and coordinate an adequate response to an alarm;
(C) Summon offsite assistance; and
(D) Provide command and control.
(ii) Licensees shall:
(A) Locate the central alarm station inside a protected area. The
interior of the central alarm station must not be visible from the
perimeter of the protected area.
(B) Continuously staff each alarm station with at least one trained
and qualified alarm station operator. The alarm station operator must
not be assigned other duties or responsibilities which would interfere
with the ability to execute the functions described in Sec.
73.55(i)(4)(i) of this section.
(C) Not permit any activities to be performed within either alarm
station that would interfere with an alarm station operator's ability
to execute assigned duties and responsibilities.
(D) Assess and initiate response to all alarms in accordance with
the security plans and implementing procedures.
(E) Assess and initiate response to other events as appropriate.
(F) Ensure that an alarm station operator cannot change the status
of a detection point or deactivate a locking or access control device
at a protected or vital area portal, without the knowledge and
concurrence of the alarm station operator in the other alarm station.
(G) Ensure that operators in both alarm stations are knowledgeable
of final disposition of all alarms.
(H) Maintain a record of all alarm annunciations, the cause of each
alarm, and the disposition of each alarm.
(iii) Applicants for an operating license under the provisions of
part 50 of this chapter, or holders of a combined license under the
provisions of part 52 of this chapter, shall construct, locate,
protect, and equip both the central and secondary alarm stations to the
standards for the central alarm station contained in this section. Both
alarm stations shall be equal and redundant, such that all functions
needed to satisfy the requirements of this section can be performed in
both alarm stations.
(5) Surveillance, observation, and monitoring.
(i) The physical protection program must include surveillance,
observation, and monitoring as needed to satisfy the design
requirements of Sec. 73.55(b), identify indications of tampering, or
otherwise implement the site protective strategy.
(ii) The licensee shall provide continuous surveillance,
observation, and monitoring of the owner controlled area as described
in the security plans to detect and deter intruders and ensure the
integrity of physical barriers or other components and functions of the
onsite physical protection program. Continuous surveillance,
observation, and monitoring responsibilities may be performed by
security personnel during continuous patrols, through use of video
technology, or by a combination of both.
(iii) Unattended openings that intersect a security boundary such
as underground pathways must be protected by a physical barrier and
monitored by intrusion detection equipment or observed by security
personnel at a frequency sufficient to detect exploitation.
(iv) Armed security patrols shall periodically check external areas
of the protected area to include physical barriers and vital area
portals.
(v) Armed security patrols shall periodically inspect vital areas
to include the physical barriers used at all vital area portals.
(vi) The licensee shall provide random patrols of all accessible
areas containing target set equipment.
(vii) Security personnel shall be trained to recognize obvious
indications of tampering consistent with their assigned duties and
responsibilities.
(viii) Upon detection of tampering, or other threats, the licensee
shall initiate response in accordance with the security plans and
implementing procedures.
(6) Illumination.
(i) The licensee shall ensure that all areas of the facility are
provided with illumination necessary to satisfy the design requirements
of Sec. 73.55(b) and implement the protective strategy.
(ii) The licensee shall provide a minimum illumination level of 0.2
foot-candles, measured horizontally at ground level, in the isolation
zones and appropriate exterior areas within the protected area.
Alternatively, the licensee may augment the facility illumination
system by means of low-light technology to meet the requirements of
this section or otherwise implement the protective strategy.
(iii) The licensee shall describe in the security plans how the
lighting requirements of this section are met and, if used, the type(s)
and application of low-light technology.
(j) Communication requirements. (1) The licensee shall establish
and
[[Page 13977]]
maintain continuous communication capability with onsite and offsite
resources to ensure effective command and control during both normal
and emergency situations.
(2) Individuals assigned to each alarm station shall be capable of
calling for assistance in accordance with the security plans and the
licensee's procedures.
(3) All on-duty security force personnel shall be capable of
maintaining continuous communication with an individual in each alarm
station, and vehicle escorts shall maintain continuous communication
with security personnel. All personnel escorts shall maintain timely
communication with the security personnel.
(4) The following continuous communication capabilities must
terminate in both alarm stations required by this section:
(i) Radio or microwave transmitted two-way voice communication,
either directly or through an intermediary, in addition to conventional
telephone service between local law enforcement authorities and the
site.
(ii) A system for communication with the control room.
(5) Non-portable communications equipment must remain operable from
independent power sources in the event of the loss of normal power.
(6) The licensee shall identify site areas where communication
could be interrupted or cannot be maintained, and shall establish
alternative communication measures or otherwise account for these areas
in implementing procedures.
(k) Response requirements. (1) The licensee shall establish and
maintain, at all times, properly trained, qualified and equipped
personnel required to interdict and neutralize threats up to and
including the design basis threat of radiological sabotage as defined
in Sec. 73.1, to prevent significant core damage and spent fuel
sabotage.
(2) The licensee shall ensure that all firearms, ammunition, and
equipment necessary to implement the site security plans and protective
strategy are in sufficient supply, are in working condition, and are
readily available for use.
(3) The licensee shall train each armed member of the security
organization to prevent or impede attempted acts of radiological
sabotage by using force sufficient to counter the force directed at
that person, including the use of deadly force when the armed member of
the security organization has a reasonable belief that the use of
deadly force is necessary in self-defense or in the defense of others,
or any other circumstances as authorized by applicable State or Federal
law.
(4) The licensee shall provide armed response personnel consisting
of armed responders which may be augmented with armed security officers
to carry out armed response duties within predetermined time lines
specified by the site protective strategy.
(5) Armed responders.
(i) The licensee shall determine the minimum number of armed
responders necessary to satisfy the design requirements of Sec.
73.55(b) and implement the protective strategy. The licensee shall
document this number in the security plans.
(ii) The number of armed responders shall not be less than ten
(10).
(iii) Armed responders shall be available at all times inside the
protected area and may not be assigned other duties or responsibilities
that could interfere with their assigned response duties.
(6) Armed security officers.
(i) Armed security officers, designated to strengthen onsite
response capabilities, shall be onsite and available at all times to
carry out their assigned response duties.
(ii) The minimum number of armed security officers designated to
strengthen onsite response capabilities must be documented in the
security plans.
(7) The licensee shall have procedures to reconstitute the
documented number of available armed response personnel required to
implement the protective strategy.
(8) Protective strategy. The licensee shall establish, maintain,
and implement a written protective strategy in accordance with the
requirements of this section and part 73, appendix C, Section II. Upon
receipt of an alarm or other indication of a threat, the licensee
shall:
(i) Determine the existence and level of a threat in accordance
with pre-established assessment methodologies and procedures.
(ii) Initiate response actions to interdict and neutralize the
threat in accordance with the requirements of part 73, appendix C,
section II, the safeguards contingency plan, and the licensee's
response strategy.
(iii) Notify law enforcement agencies (local, State, and Federal
law enforcement agencies (LLEA)), in accordance with site procedures.
(9) Law enforcement liaison. To the extent practicable, licensees
shall document and maintain current agreements with applicable law
enforcement agencies to include estimated response times and
capabilities.
(10) Heightened security. Licensees shall establish, maintain, and
implement a threat warning system which identifies specific graduated
protective measures and actions to be taken to increase licensee
preparedness against a heightened security threat.
(i) Licensees shall ensure that the specific protective measures
and actions identified for each threat level are consistent with the
security plans and other emergency plans and procedures.
(ii) Upon notification by an authorized representative of the
Commission, licensees shall implement the specific threat level
indicated by the Commission representative.
(l) Facilities using mixed-oxide (MOX) fuel assemblies containing
up to 20 weight percent plutonium dioxide (PuO2). (1) Commercial
nuclear power reactors licensed under 10 CFR parts 50 or 52 and
authorized to use special nuclear material in the form of MOX fuel
assemblies containing up to 20 weight percent PuO2 shall, in
addition to meeting the requirements of this section, protect un-
irradiated MOX fuel assemblies against theft or diversion as described
in this paragraph.
(2) Commercial nuclear power reactors authorized to use MOX fuel
assemblies containing up to 20 weight percent PuO2 are
exempt from the requirements of Sec. Sec. 73.20, 73.45, and 73.46 for
the onsite physical protection of un-irradiated MOX fuel assemblies.
(3) Administrative controls.
(i) The licensee shall describe in the security plans the
operational and administrative controls to be implemented for the
receipt, inspection, movement, storage, and protection of un-irradiated
MOX fuel assemblies.
(ii) The licensee shall implement the use of tamper-indicating
devices for un-irradiated MOX fuel assembly transport and shall verify
their use and integrity before receipt.
(iii) Upon receipt of un-irradiated MOX fuel assemblies, the
licensee shall:
(A) Inspect un-irradiated MOX fuel assemblies for damage.
(B) Search un-irradiated MOX fuel assemblies for unauthorized
materials.
(iv) The licensee may conduct the required inspection and search
functions simultaneously.
(v) The licensee shall ensure the proper placement and control of
un-irradiated MOX fuel assemblies as follows:
(A) At least one armed security officer shall be present during the
receipt and inspection of un-irradiated MOX fuel assemblies. This armed
security officer
[[Page 13978]]
shall not be an armed responder as required by paragraph (k) of this
section.
(B) The licensee shall store un-irradiated MOX fuel assemblies only
within a spent fuel pool, located within a vital area, so that access
to the un-irradiated MOX fuel assemblies requires passage through at
least two physical barriers and the water barrier combined with the
additional measures detailed in this section.
(vi) The licensee shall implement a material control and
accountability program that includes a predetermined and documented
storage location for each un-irradiated MOX fuel assembly.
(4) Physical controls.
(i) The licensee shall lock, lockout, or disable all equipment and
power supplies to equipment required for the movement and handling of
un-irradiated MOX fuel assemblies when movement activities are not
authorized.
(ii) The licensee shall implement a two-person, line-of-sight rule
within the spent fuel pool area whenever control systems or equipment
required for the movement or handling of un-irradiated MOX fuel
assemblies must be accessed.
(iii) The licensee shall conduct random patrols of areas containing
un-irradiated MOX fuel assemblies to identify indications of tampering
and ensure the integrity of barriers and locks.
(iv) Locks, keys, and any other access control device used to
secure equipment and power sources required for the movement of un-
irradiated MOX fuel assemblies, or openings to areas containing un-
irradiated MOX fuel assemblies, must be controlled by the security
organization.
(v) Removal of locks used to secure equipment and power sources
required for the movement of un-irradiated MOX fuel assemblies or
openings to areas containing un-irradiated MOX fuel assemblies must
require approval by both the on-duty security shift supervisor and the
operations shift manager.
(A) At least one armed security officer shall be present to observe
activities involving the movement of un-irradiated MOX fuel assemblies
before the removal of the locks and providing power to equipment
required for the movement or handling of un-irradiated MOX fuel
assemblies.
(B) At least one armed security officer shall be present at all
times until power is removed from equipment and locks are secured.
(C) Security officers shall be knowledgeable of authorized and
unauthorized activities involving un-irradiated MOX fuel assemblies.
(5) At least one armed security officer shall be present and shall
maintain constant surveillance of un-irradiated MOX fuel assemblies
when the assemblies are not located in the spent fuel pool or reactor.
(6) The licensee shall maintain at all times the capability to
detect, assess, interdict and neutralize threats to un-irradiated MOX
fuel assemblies in accordance with the requirements of this section.
(7) MOX fuel assemblies containing greater than 20 weight percent
PuO2.
(i) Requests for the use of MOX fuel assemblies containing greater
than 20 weight percent PuO2 shall be reviewed and approved
by the Commission before receipt of MOX fuel assemblies.
(ii) Additional measures for the physical protection of un-
irradiated MOX fuel assemblies containing greater than 20 weight
percent PuO2 shall be determined by the Commission on a
case-by-case basis and documented through license amendment in
accordance with 10 CFR 50.90.
(m) Security program reviews. (1) As a minimum the licensee shall
review each element of the physical protection program at least every
24 months. Reviews shall be conducted:
(i) Within 12 months following initial implementation of the
physical protection program or a change to personnel, procedures,
equipment, or facilities that potentially could adversely affect
security.
(ii) As necessary based upon site-specific analyses, assessments,
or other performance indicators.
(iii) By individuals independent of those personnel responsible for
program management and any individual who has direct responsibility for
implementing the onsite physical protection program.
(2) Reviews of the security program must include, but not be
limited to, an audit of the effectiveness of the physical security
program, security plans, implementing procedures, cyber security
programs, safety/security interface activities, the testing,
maintenance, and calibration program, and response commitments by
local, State, and Federal law enforcement authorities.
(3) The results and recommendations of the onsite physical
protection program reviews, management's findings regarding program
effectiveness, and any actions taken as a result of recommendations
from prior program reviews, must be documented in a report to the
licensee's plant manager and to corporate management at least one level
higher than that having responsibility for day-to-day plant operation.
These reports must be maintained in an auditable form, available for
inspection.
(4) Findings from onsite physical protection program reviews must
be entered into the site corrective action program.
(n) Maintenance, testing, and calibration. (1) The licensee shall:
(i) Establish, maintain, and implement a maintenance, testing and
calibration program to ensure that security systems and equipment,
including secondary and uninterruptible power supplies, are tested for
operability and performance at predetermined intervals, maintained in
operable condition, and are capable of performing their intended
functions.
(ii) Describe the maintenance, testing and calibration program in
the physical security plan. Implementing procedures must specify
operational and technical details required to perform maintenance,
testing, and calibration activities to include, but not limited to,
purpose of activity, actions to be taken, acceptance criteria, and the
intervals or frequency at which the activity will be performed.
(iii) Identify in procedures the criteria for determining when
problems, failures, deficiencies, and other findings are documented in
the site corrective action program for resolution.
(iv) Ensure that information documented in the site corrective
action program is written in a manner that does not constitute
safeguards information as defined in 10 CFR 73.21.
(v) Implement compensatory measures that ensure the effectiveness
of the onsite physical protection program when there is a failure or
degraded operation of security-related component or equipment.
(2) The licensee shall test each intrusion alarm for operability at
the beginning and end of any period that it is used for security, or if
the period of continuous use exceeds seven (7) days. The intrusion
alarm must be tested at least once every seven (7) days.
(3) Intrusion detection and access control equipment must be
performance tested in accordance with the security plans and
implementing procedures.
(4) Equipment required for communications onsite must be tested for
operability not less frequently than once at the beginning of each
security personnel work shift.
(5) Communication systems between the alarm stations and each
control room, and between the alarm stations and local law enforcement
agencies, to include backup communication equipment, must be tested for
operability at least once each day.
[[Page 13979]]
(6) Search equipment must be tested for operability at least once
each day and tested for performance at least once during each seven (7)
day period.
(7) A program for testing or verifying the operability of devices
or equipment located in hazardous areas must be specified in the
implementing procedures and must define alternate measures to be taken
to ensure the timely completion of testing or maintenance when the
hazardous condition or other restrictions are no longer applicable.
(8) Security equipment or systems shall be tested in accordance
with the site maintenance, testing and calibration procedures before
being placed back in service after each repair or inoperable state.
(o) Compensatory measures. (1) The licensee shall identify criteria
and measures to compensate for degraded or inoperable equipment,
systems, and components to meet the requirements of this section.
(2) Compensatory measures must provide a level of protection that
is equivalent to the protection that was provided by the degraded or
inoperable, equipment, system, or components.
(3) Compensatory measures must be implemented within specific time
frames necessary to meet the requirements stated in paragraph (b) of
this section and described in the security plans.
(p) Suspension of security measures. (1) The licensee may suspend
implementation of affected requirements of this section under the
following conditions:
(i) In accordance with Sec. Sec. 50.54(x) and 50.54(y) of this
chapter, the licensee may suspend any security measures under this
section in an emergency when this action is immediately needed to
protect the public health and safety and no action consistent with
license conditions and technical specifications that can provide
adequate or equivalent protection is immediately apparent. This
suspension of security measures must be approved as a minimum by a
licensed senior operator before taking this action.
(ii) During severe weather when the suspension of affected security
measures is immediately needed to protect the personal health and
safety of security force personnel and no other immediately apparent
action consistent with the license conditions and technical
specifications can provide adequate or equivalent protection. This
suspension of security measures must be approved, as a minimum, by a
licensed senior operator, with input from the security supervisor or
manager, before taking this action.
(2) Suspended security measures must be reinstated as soon as
conditions permit.
(3) The suspension of security measures must be reported and
documented in accordance with the provisions of Sec. 73.71.
(q) Records. (1) The Commission may inspect, copy, retain, and
remove all reports, records, and documents required to be kept by
Commission regulations, orders, or license conditions, whether the
reports, records, and documents are kept by the licensee or a
contractor.
(2) The licensee shall maintain all records required to be kept by
Commission regulations, orders, or license conditions, until the
Commission terminates the license for which the records were developed,
and shall maintain superseded portions of these records for at least
three (3) years after the record is superseded, unless otherwise
specified by the Commission.
(3) If a contracted security force is used to implement the onsite
physical protection program, the licensee's written agreement with the
contractor must be retained by the licensee as a record for the
duration of the contract.
(4) Review and audit reports must be maintained and available for
inspection, for a period of three (3) years.
(r) Alternative measures. (1) The Commission may authorize an
applicant or licensee to provide a measure for protection against
radiological sabotage other than one required by this section if the
applicant or licensee demonstrates that:
(i) The measure meets the same performance objectives and
requirements specified in paragraph (b) of this section; and
(ii) The proposed alternative measure provides protection against
radiological sabotage or theft of un-irradiated MOX fuel assemblies,
equivalent to that which would be provided by the specific requirement
for which it would substitute.
(2) The licensee shall submit proposed alternative measure(s) to
the Commission for review and approval in accordance with Sec. Sec.
50.4 and 50.90 of this chapter before implementation.
(3) In addition to fully describing the desired changes, the
licensee shall submit a technical basis for each proposed alternative
measure. The basis must include an analysis or assessment that
demonstrates how the proposed alternative measure provides a level of
protection that is at least equal to that which would otherwise be
provided by the specific requirement of this section.
(4) Alternative vehicle barrier systems. In the case of vehicle
barrier systems required by Sec. 73.55(e)(10), the licensee shall
demonstrate that:
(i) The alternative measure provides protection against the use of
a vehicle as a means of transportation to gain proximity to vital
areas;
(ii) The alternative measure provides protection against the use of
a vehicle as a vehicle bomb; and
(iii) Based on comparison of the costs of the alternative measures
to the costs of meeting the Commission's requirements using the
essential elements of 10 CFR 50.109, the costs of fully meeting the
Commission's requirements are not justified by the protection that
would be provided.
0
13. Section 73.56 is revised to read as follow:
Sec. 73.56 Personnel access authorization requirements for nuclear
power plants.
(a) Introduction. (1) By March 31, 2010, each nuclear power reactor
licensee, licensed under 10 CFR part 50, shall implement the
requirements of this section through revisions to its Commission-
approved Physical Security Plan.
(2) The licensee shall establish, implement and maintain its access
authorization program in accordance with the requirements of this
section.
(3) Each applicant for an operating license under the provisions of
part 50 of this chapter, and each holder of a combined license under
the provisions of part 52 of this chapter, shall implement the
requirements of this section before fuel is allowed on site (protected
area).
(4) The licensee or applicant may accept, in part or whole, an
access authorization program implemented by a contractor or vendor to
satisfy appropriate elements of the licensee's access authorization
program in accordance with the requirements of this section. Only a
licensee shall grant an individual unescorted access. Licensees and
applicants shall certify individuals' unescorted access authorization
and are responsible to maintain, deny, terminate, or withdraw
unescorted access authorization.
(b) Applicability. (1) The following individuals shall be subject
to an access authorization program:
(i) Any individual to whom a licensee intends to grant unescorted
access to nuclear power plant protected or vital areas or any
individual for whom a licensee or an applicant intends to certify
unescorted access authorization;
(ii) Any individual whose duties and responsibilities permit the
individual to take actions by electronic means, either
[[Page 13980]]
on site or remotely, that could adversely impact the licensee's or
applicant's operational safety, security, or emergency preparedness;
(iii) Any individual who has responsibilities for implementing a
licensee's or applicant's protective strategy, including, but not
limited to, armed security force officers, alarm station operators, and
tactical response team leaders; and
(iv) The licensee or applicant access authorization program
reviewing official or contractor or vendor access authorization program
reviewers.
(2) Other individuals, at the licensee's or applicant's discretion,
including employees of a contractor or a vendor who are designated in
access authorization program procedures, are subject to an access
authorization program that meets the requirements of this section.
(c) General performance objective. The licensee's or applicant's
access authorization program must provide high assurance that the
individuals who are specified in paragraph (b)(1), and, if applicable,
paragraph (b)(2) of this section are trustworthy and reliable, such
that they do not constitute an unreasonable risk to public health and
safety or the common defense and security, including the potential to
commit radiological sabotage.
(d) Background investigation. In order to grant an individual
unescorted access to the protected area or vital area of a nuclear
power plant or certify an individual unescorted access authorization,
licensees, applicants and contractors or vendors shall ensure that the
individual has been subject to a background investigation. The
background investigation must include, but is not limited to, the
following elements:
(1) Informed consent. Licensees, applicants, and contractors or
vendors shall not initiate any element of a background investigation
without the informed and signed consent of the subject individual. This
consent shall include authorization to share personal information with
appropriate entities. The licensee or applicant to whom the individual
is applying for unescorted access and unescorted access authorization,
respectively, or the contractors or vendors supporting the licensee or
applicant shall inform the individual of his or her right to review
information collected to assure its accuracy, and provide the
individual with an opportunity to correct any inaccurate or incomplete
information that is developed by licensees, applicants, or contractors
or vendors about the individual.
(i) The subject individual may withdraw his or her consent at any
time. Licensees, applicants, and contractors or vendors shall inform
the individual that:
(A) Withdrawal of his or her consent will remove the individual's
application for access authorization under the licensee's or
applicant's access authorization program or contractor or vendor access
authorization program; and
(B) Other licensees and applicants shall have access to information
documenting the withdrawal. Additionally, the contractors or vendors
may have the same access to the information, if such information is
necessary for assisting licensees or applicants complying with
requirements set forth in this section.
(ii) If an individual withdraws his or her consent, licensees,
applicants, and contractors or vendors may not initiate any elements of
the background investigation that were not in progress at the time the
individual withdrew his or her consent, but shall complete any
background investigation elements that are in progress at the time
consent is withdrawn. The licensee or applicant shall record the status
of the individual's application for unescorted access or unescorted
access authorization, respectively. Contractors or vendors may record
the status of the individual's application for unescorted access or
unescorted access authorization for licensees or applicants.
Additionally, licensees, applicants, or contractors or vendors shall
collect and maintain the individual's application for unescorted access
or unescorted access authorization; his or her withdrawal of consent
for the background investigation; the reason given by the individual
for the withdrawal; and any pertinent information collected from the
background investigation elements that were completed. This information
must be shared with other licensees in accordance with paragraph (o)(6)
of this section.
(iii) Licensees, applicants, and contractors or vendors shall
inform, in writing, any individual who is applying for unescorted
access or unescorted access authorization that the following actions
are sufficient cause for denial or unfavorable termination of
unescorted access or unescorted access authorization status:
(A) Refusal to provide a signed consent for the background
investigation;
(B) Refusal to provide, or the falsification of, any personal
history information required under this section, including the failure
to report any previous denial or unfavorable termination of unescorted
access or unescorted access authorization;
(C) Refusal to provide signed consent for the sharing of personal
information with other licensees, applicants, or the contractor or
vendors under paragraph (d)(4)(v) of this section; or
(D) Failure to report any arrests or legal actions specified in
paragraph (g) of this section.
(2) Personal history disclosure.
(i) Any individual who is applying for unescorted access or
unescorted access authorization shall disclose the personal history
information that is required by the licensee's or applicant's access
authorization program, including any information that may be necessary
for the reviewing official to make a determination of the individual's
trustworthiness and reliability.
(ii) Licensees, applicants, and contractors or vendors shall not
require an individual to disclose an administrative withdrawal of
unescorted access or unescorted access authorization under the
requirements of Sec. 73.56(g), (h)(7), or (i)(1)(v) of this section.
However, the individual must disclose this information if the
individual's unescorted access or unescorted access authorization is
administratively withdrawn at the time he or she is seeking unescorted
access or unescorted access authorization, or the individual's
unescorted access or unescorted access authorization was subsequently
denied or terminated unfavorably by a licensee, applicant, or
contractor or vendor.
(3) Verification of true identity. Licensees, applicants, and
contractors or vendors shall verify the true identity of an individual
who is applying for unescorted access or unescorted access
authorization in order to ensure that the applicant is the person that
he or she has claimed to be. At a minimum, licensees, applicants, and
contractors or vendors shall validate that the social security number
that the individual has provided is his or hers, and, in the case of
foreign nationals, validate the claimed non-immigration status that the
individual has provided is correct. In addition, licensees and
applicants shall also determine whether the results of the
fingerprinting required under Sec. 73.57 confirm the individual's
claimed identity, if such results are available.
(4) Employment history evaluation. Licensees, applicants, and
contractors or vendors shall ensure that an employment history
evaluation has been completed on a best effort basis, by questioning
the individual's present and former employers, and by determining
[[Page 13981]]
the activities of the individual while unemployed.
(i) For the claimed employment period, the individual must provide
the reason for any termination, eligibility for rehire, and other
information that could reflect on the individual's trustworthiness and
reliability.
(ii) If the claimed employment was military service the individual
shall provide a characterization of service, reason for separation, and
any disciplinary actions that could affect a trustworthiness and
reliability determination.
(iii) If education is claimed in lieu of employment, the individual
shall provide any information related to the claimed education that
could reflect on the individual's trustworthiness and reliability and,
at a minimum, verify that the individual was registered for the classes
and received grades that indicate that the individual participated in
the educational process during the claimed period.
(iv) If a previous employer, educational institution, or any other
entity with which the individual claims to have been engaged fails to
provide information or indicates an inability or unwillingness to
provide information within 3 business days of the request, the
licensee, applicant, or contractor or vendor shall:
(A) Document this refusal or unwillingness in the licensee's,
applicant's, or contractor's or vendor's record of the investigation;
and
(B) Obtain a confirmation of employment, educational enrollment and
attendance, or other form of engagement claimed by the individual from
at least one alternate source that has not been previously used.
(v) When any licensee, applicant, contractor, or vendor is seeking
the information required for an unescorted access or unescorted access
authorization decision under this section and has obtained a signed
release from the subject individual authorizing the disclosure of such
information, other licensees, applicants, contractors and vendors shall
make available the personal or access authorization information
requested regarding the denial or unfavorable termination of unescorted
access or unescorted access authorization.
(vi) In conducting an employment history evaluation, the licensee,
applicant, contractor, or vendor may obtain information and documents
by electronic means, including, but not limited to, telephone,
facsimile, or e-mail. Licensees, applicants, contractors, or vendors
shall make a record of the contents of the telephone call and shall
retain that record, and any documents or electronic files obtained
electronically, in accordance with paragraph (o) of this section.
(5) Credit history evaluation. Licensees, applicants, contractors
and vendors shall ensure that the full credit history of any individual
who is applying for unescorted access or unescorted access
authorization is evaluated. A full credit history evaluation must
include, but is not limited to, an inquiry to detect potential fraud or
misuse of social security numbers or other financial identifiers, and a
review and evaluation of all of the information that is provided by a
national credit-reporting agency about the individual's credit history.
For individuals including foreign nationals and United States citizens
who have resided outside the United States and do not have established
credit history that covers at least the most recent seven years in the
United States, the licensee, applicant, contractor or vendor must
document all attempts to obtain information regarding the individual's
credit history and financial responsibility from some relevant entity
located in that other country or countries.
(6) Character and reputation evaluation. Licensees, applicants,
contractors, and vendors shall ascertain the character and reputation
of an individual who has applied for unescorted access or unescorted
access authorization by conducting reference checks. Reference checks
may not be conducted with any person who is known to be a close member
of the individual's family, including but not limited to, the
individual's spouse, parents, siblings, or children, or any individual
who resides in the individual's permanent household. The reference
checks must focus on the individual's reputation for trustworthiness
and reliability.
(7) Criminal history review. The licensee's or applicant's
reviewing official shall evaluate the entire criminal history record of
an individual who is applying for unescorted access or unescorted
access authorization to determine whether the individual has a record
of criminal activity that may adversely impact his or her
trustworthiness and reliability. A criminal history record must be
obtained in accordance with the requirements of Sec. 73.57. For
individuals who do not have or are not expected to have unescorted
access, a criminal history record of the individual shall be obtained
in accordance with the requirements set forth in paragraph (k)(1)(ii)
of this section.
(e) Psychological assessment. In order to assist in determining an
individual's trustworthiness and reliability, licensees, applicants,
contractors or vendors shall ensure that a psychological assessment has
been completed before the individual is granted unescorted access or
certified unescorted access authorization. Individuals who are applying
for initial unescorted access or unescorted access authorization, or
who have not maintained unescorted access or unescorted access
authorization for greater than 365 days, shall be subject to a
psychological assessment. The psychological assessment must be designed
to evaluate the possible adverse impact of any noted psychological
characteristics on the individual's trustworthiness and reliability.
(1) A licensed psychologist or psychiatrist with the appropriate
training and experience shall conduct the psychological assessment.
(2) The psychological assessment must be conducted in accordance
with the applicable ethical principles for conducting such assessments
established by the American Psychological Association or American
Psychiatric Association.
(3) At a minimum, the psychological assessment must include the
administration and interpretation of a standardized, objective,
professionally-accepted psychological test that provides information to
identify indications of disturbances in personality or psychopathology
that may have adverse implications for an individual's trustworthiness
and reliability. A psychiatrist or psychologist specified in paragraph
(e) of this section shall establish the predetermined thresholds for
each scale, in accordance with paragraph (e)(2) of this section, that
must be applied in interpreting the results of the psychological test
to determine whether an individual must be interviewed by a licensed
psychiatrist or psychologist, under Sec. 73.56(e)(4)(i) of this
section.
(4) The psychological assessment must include a clinical interview:
(i) If an individual's scores on the psychological test in
paragraph (e)(3) of this section identify indications of disturbances
in personality or psychopathology that may have implications for an
individual's trustworthiness and reliability; or
(ii) If the individual is a member of the population that performs
one or more job functions that are critical to the safe and secure
operation of the licensee's facility, as defined in paragraph
(i)(1)(v)(B) of this section.
[[Page 13982]]
(5) In the course of conducting a psychological assessment for
those individuals who are specified in paragraph (h) of this section
for initial unescorted access or unescorted access authorization
category, if the licensed psychologist or psychiatrist identifies or
discovers any information, including a medical condition, that could
adversely impact the individual's fitness for duty or trustworthiness
and reliability, the licensee, applicant, or contractor or vendor shall
ensure that the psychologist or psychiatrist contact appropriate
medical personnel to obtain further information as need for a
determination. The results of the evaluation and a recommendation shall
be provided to the licensee's or applicant's reviewing official.
(6) During psychological reassessments, if the licensed
psychologist or psychiatrist identifies or discovers any information,
including a medical condition, that could adversely impact the fitness
for duty or trustworthiness and reliability of those individuals who
are currently granted unescorted access or certified unescorted access
authorization status, he or she shall inform (1) the reviewing official
of the discovery within 24 hours of the discovery and (2) the medical
personnel designated in the site implementing procedures, who shall
ensure that an appropriate evaluation of the possible medical condition
is conducted under the requirements of part 26 of this chapter. The
results of the evaluation and a recommendation shall be provided to the
licensee's or applicant's reviewing official.
(f) Behavioral observation. (1) Licensee and applicant access
authorization programs must include a behavioral observation program
that is designed to detect behaviors or activities that may constitute
an unreasonable risk to the health and safety of the public and common
defense and security, including a potential threat to commit
radiological sabotage. Licensees, applicants and contractors or vendors
must ensure that the individuals specified in paragraph (b)(1) and, if
applicable, (b)(2) of this section are subject to behavioral
observation.
(2) Each person subject to the behavior observation program shall
be responsible for communicating to the licensee or applicant observed
behaviors of individuals subject to the requirements of this section.
Such behaviors include any behavior of individuals that may adversely
affect the safety or security of the licensee's facility or that may
constitute an unreasonable risk to the public health and safety or the
common defense and security, including a potential threat to commit
radiological sabotage.
(i) Licensees, applicants, and contractors or vendors shall ensure
that individuals who are subject to this section also successfully
complete initial behavioral observation training and requalification
behavior observation training as required in paragraphs (f)(2)(ii) and
(iii) of this section.
(ii) Behavioral observation training must be:
(A) Completed before the licensee grants unescorted access or
certifies unescorted access authorization or an applicant certifies
unescorted access authorization, as defined in paragraph (h)(4)(ii) of
this section,
(B) Current before the licensee grants unescorted access update or
reinstatement or licensee or applicant certifies unescorted access
authorization reinstatement as defined in paragraph (h)(4)(ii) of this
section, and
(C) Maintained in a current status during any period of time an
individual possesses unescorted access or unescorted access
authorization in accordance with paragraph (f)(2)(iv) of this section.
(iii) For initial behavioral observation training, individuals
shall demonstrate completion by passing a comprehensive examination
that addresses the knowledge and abilities necessary to detect behavior
or activities that have the potential to constitute an unreasonable
risk to the health and safety of the public and common defense and
security, including a potential threat to commit radiological sabotage.
Remedial training and re-testing are required for individuals who fail
to satisfactorily complete the examination.
(iv) Individuals shall complete refresher training on a nominal 12-
month frequency, or more frequently where the need is indicated.
Individuals may take and pass a comprehensive examination that meets
the requirements of paragraph (f)(2)(iii) of this section in lieu of
completing annual refresher training.
(v) Initial and refresher training may be delivered using a variety
of media, including, but not limited to, classroom lectures, required
reading, video, or computer-based training systems. The licensee,
applicant, or contractor or vendor shall monitor the completion of
training.
(3) Individuals who are subject to an access authorization program
under this section shall at a minimum, report any concerns arising from
behavioral observation, including, but not limited to, concerns related
to any questionable behavior patterns or activities of others to the
reviewing official, his or her supervisor, or other management
personnel designated in their site procedures. The recipient of the
report shall, if other than the reviewing official, promptly convey the
report to the reviewing official, who shall reassess the reported
individual's unescorted access or unescorted access authorization
status. The reviewing official shall determine the elements of the
reassessment based on the accumulated information of the individual. If
the reviewing official has a reason to believe that the reported
individual's trustworthiness or reliability is questionable, the
reviewing official shall either administratively withdraw or terminate
the individual's unescorted access or unescorted access authorization
while completing the re-evaluation or investigation. If the reviewing
official determines from the information provided that there is cause
for additional action, the reviewing official may inform the supervisor
of the reported individual.
(g) Self-reporting of legal actions. (1) Any individual who has
applied for unescorted access or unescorted access authorization or is
maintaining unescorted access or unescorted access authorization under
this section shall promptly report to the reviewing official, his or
her supervisor, or other management personnel designated in site
procedures any legal action(s) taken by a law enforcement authority or
court of law to which the individual has been subject that could result
in incarceration or a court order or that requires a court appearance,
including but not limited to an arrest, an indictment, the filing of
charges, or a conviction, but excluding minor civil actions or
misdemeanors such as parking violations or speeding tickets. The
recipient of the report shall, if other than the reviewing official,
promptly convey the report to the reviewing official. On the day that
the report is received, the reviewing official shall evaluate the
circumstances related to the reported legal action(s) and re-determine
the reported individual's unescorted access or unescorted access
authorization status.
(2) The licensee or applicant shall inform the individual of this
obligation, in writing, prior to granting unescorted access or
certifying unescorted access authorization.
(h) Granting unescorted access and certifying unescorted access
authorization. Licensees and applicants shall implement the
requirements of this paragraph for granting or certifying initial or
reinstated unescorted access or unescorted access authorization. The
[[Page 13983]]
investigatory information collected to satisfy the requirements of this
section for individuals who are being considered for unescorted access
or unescorted access authorization shall be valid for a trustworthiness
and reliability determination by a licensee or applicant for 30
calendar days.
(1) Determination basis.
(i) The licensee's or applicant's reviewing official shall
determine whether to grant, certify, deny, unfavorably terminate,
maintain, or administratively withdraw an individual's unescorted
access or unescorted access authorization status, based on an
evaluation of all of the information required by this section.
(ii) The licensee's or applicant's reviewing official may not grant
unescorted access or certify unescorted access authorization status to
an individual until all of the information required by this section has
been evaluated by the reviewing official and the reviewing official has
determined that the accumulated information supports a determination of
the individual's trustworthiness and reliability. However, the
reviewing official may deny or terminate unescorted access or
unescorted access authorization of any individual based on
disqualifying information even if not all the information required by
this section has been collected or evaluated.
(2) Unescorted access for NRC-certified personnel. Licensees and
applicants shall grant unescorted access to any individual who has been
certified by the Nuclear Regulatory Commission as suitable for such
access.
(3) Access denial. Licensees or applicants may not permit an
individual, who is identified as having an access-denied status by
another licensee subject to this section, or has an access
authorization status other than favorably terminated, to enter any
nuclear power plant protected area or vital area, under escort or
otherwise, or take actions by electronic means that could adversely
impact the licensee's or applicant's safety, security, or emergency
response or their facilities, under supervision or otherwise, except
upon completion of the initial unescorted access authorization process.
(4) Granting unescorted access and certifying unescorted access
authorization.
(i) Initial unescorted access or unescorted access authorization.
In satisfying the requirements of paragraph (h)(1) of this section, for
individuals who have never held unescorted access or unescorted access
authorization status or whose unescorted access or unescorted access
authorization status has been interrupted for a period of 3 years or
more, the licensee, applicant, or contractor or vendor shall satisfy
the requirements of paragraphs (d), (e), (f), and (g) of this section.
In meeting requirements set forth in paragraph (d)(4) of this section,
the licensee, applicant, or contractor or vendor shall evaluate the 3
years before the date on which the application for unescorted access
was submitted, or since the individual's eighteenth birthday, whichever
is shorter. For the 1-year period proceeding the date upon which the
individual applies for unescorted access or unescorted access
authorization, the licensee, applicant or contractor or vendor shall
ensure that the employment history evaluation is conducted with every
employer, regardless of the length of employment. For the remaining 2-
year period, the licensee, applicant, or contractor or vendor shall
ensure that the employment history evaluation is conducted with the
employer by whom the individual claims to have been employed the
longest within each calendar month.
(ii) Reinstatement of Unescorted Access. In satisfying the
requirements of paragraph (h)(1) of this section, for individuals who
have previously been granted unescorted access or unescorted access
authorization, but whose access had been terminated under favorable
conditions, licensees, applicants or contractors or vendors shall
satisfy the requirements of paragraphs (d), (e), (f), and (g) of this
section, with consideration of the specific requirements for periods of
interruption described below in paragraphs (h)(4)(ii)(A) or
(h)(4)(ii)(B) of this section, as applicable. However, for individuals
whose unescorted access or unescorted access authorization was
interrupted for less than or equal to 30 calendar days, licensees,
applicants, or contractors or vendors must only satisfy the
requirements set forth in paragraphs (d)(1), (d)(2), and (d)(3) of this
section. The applicable periods of interruption are determined by the
number of calendar days between the day after the individual's access
was terminated and the day upon which the individual applies for
unescorted access or unescorted access authorization.
(A) For individuals whose last unescorted access or unescorted
access authorization status has been interrupted for more than 30
calendar days but less than or equal to 365 calendar days, the
licensee, applicant or contractor or vendor shall complete the
individual's employment history evaluation in accordance with the
requirements of paragraph (d)(4) of this section, within 5 business
days after reinstatement. The licensee, applicant, or contractor or
vendor shall ensure that the employment history evaluation has been
conducted with the employer by whom the individual claims to have been
employed the longest within the calendar month. However, if the
employment history evaluation is not completed within 5 business days
of reinstatement due to circumstances that are outside of the
licensee's, applicant's, or contractor's or vendor's control and the
licensee or applicant, contractor or vendor is not aware of any
potentially disqualifying information regarding the individual within
the past 5 years, the licensee may extend the individual's unescorted
access an additional 5 business days. If the employment history
evaluation is not completed within this extended 5 business days, the
licensee shall administratively withdraw unescorted access and complete
the employment history evaluation in accordance with Sec. 73.56(d)(4)
of this section. For re-certification of unescorted access
authorization, prior to re-certification of unescorted access
authorization status of an individual, the licensee or applicant shall
complete all the elements stated above including drug screening and
employment evaluation.
(B) For individuals whose last unescorted access or unescorted
access authorization status has been interrupted for greater than 365
calendar days but fewer than 3 years the licensee, applicant or
contractor or vendor shall evaluate the period of time since the
individual last held unescorted access or unescorted access
authorization status, up to and including the day the individual
applies for re-instated unescorted access authorization. For the 1-year
period proceeding the date upon which the individual applies for
unescorted access authorization, the licensee, applicant, or contractor
or vendor shall ensure that the employment history evaluation is
conducted with every employer, regardless of the length of employment.
For the remaining period, the licensee, applicant or contractor or
vendor shall ensure that the employment history evaluation is conducted
with the employer by whom the individual claims to have been employed
the longest within each calendar month. In addition, the individual
shall be subject to the psychological assessment required in Sec.
73.56(e).
(5) Accepting unescorted access authorization from other access
authorization programs. Licensees who are seeking to grant unescorted
access or certify unescorted access authorization
[[Page 13984]]
or applicants who are seeking to certify unescorted access
authorization to an individual who is subject to another access
authorization program or another access authorization program that
complies with this section may rely on those access authorization
programs or access authorization program elements to comply with the
requirements of this section. However, the licensee who is seeking to
grant unescorted access or the licensee or applicant who is seeking to
certify unescorted access authorization shall ensure that the program
elements to be accepted have been maintained consistent with the
requirements of this section by the other access authorization program.
(6) Information sharing. To meet the requirements of this section,
licensees, applicants, and contractors or vendors may rely upon the
information that other licensees, applicants, and contractors or
vendors who are also subject to this section, have gathered about
individuals who have previously applied for unescorted access or
unescorted access authorization, and developed about individuals during
periods in which the individuals maintained unescorted access or
unescorted access authorization status.
(i) Maintaining unescorted access or unescorted access
authorization.
(1) Individuals may maintain unescorted access or unescorted access
authorization status under the following conditions:
(i) The individual remains subject to a behavioral observation
program that complies with the requirements of Sec. 73.56(f) of this
section.
(ii) The individual successfully completes behavioral observation
refresher training or testing on the nominal 12-month frequency
required in Sec. 73.56(f)(2)(ii) of this section.
(iii) The individual complies with the licensee's or applicant's
access authorization program policies and procedures to which he or she
is subject, including the self-reporting of legal actions
responsibility specified in paragraph (g) of this section.
(iv) The individual is subject to an annual supervisory review
conducted in accordance with the requirements of the licensee's or
applicant's behavioral observation program. The individual shall be
subject to a supervisory interview in accordance with the requirements
of the licensee's or applicant's behavioral observation program, if the
supervisor does not have the frequent interaction with the individual
throughout the review period needed to form an informed and reasonable
opinion regarding the individual's behavior, trustworthiness, and
reliability.
(v) The licensee's or applicant's reviewing official determines
that the individual continues to be trustworthy and reliable. This
determination must, at a minimum, be based on the following:
(A) A criminal history update and credit history re-evaluation for
any individual with unescorted access. The criminal history update and
credit history re-evaluation must be completed within 5 years of the
date on which these elements were last completed.
(B) For individuals who perform one or more of the job functions
described in this paragraph, the trustworthiness and reliability
determination must be based on a criminal history update and credit
history re-evaluation within three years of the date on which these
elements were last completed, or more frequently, based on job
assignment as determined by the licensee or applicant, and a
psychological re-assessment within 5 years of the date on which this
element was last completed:
(1) Individuals who have extensive knowledge of defensive
strategies and design and/or implementation of the plant's defense
strategies, including--
(i) Site security supervisors;
(ii) Site security managers;
(iii) Security training instructors; and
(iv) Corporate security managers;
(2) Individuals in a position to grant an applicant unescorted
access or unescorted access authorization, including site access
authorization managers;
(3) Individuals assigned a duty to search for contraband or other
items that could be used to commit radiological sabotage (i.e.,
weapons, explosives, incendiary devices);
(4) Individuals who have access, extensive knowledge, or
administrative control over plant digital computer and communication
systems and networks as identified in Sec. 73.54, including--
(i) Plant network systems administrators;
(ii) IT personnel who are responsible for securing plant networks;
or
(5) Individuals qualified for and assigned duties as: armed
security officers, armed responders, alarm station operators, response
team leaders, and armorers as defined in the licensee's or applicant's
Physical Security Plan; and reactor operators, senior reactor operators
and non-licensed operators. Non-licensed operators include those
individuals responsible for the operation of plant systems and
components, as directed by a reactor operator or senior reactor
operator. A non-licensed operator also includes individuals who monitor
plant instrumentation and equipment and principally perform their
duties outside of the control room.
(C) The criminal history update and the credit history re-
evaluation shall be completed within 30 calendar days of each other.
(vi) If the criminal history update, credit history re-evaluation,
psychological re-assessment, if required, and supervisory review and
interview, if applicable, have not been completed and the information
evaluated by the reviewing official within the time frame specified
under paragraph (v) of this section, the licensee or applicant shall
administratively withdraw the individual's unescorted access or
unescorted access authorization until these requirements have been met.
(2) If an individual who has unescorted access or unescorted access
authorization status is not subject to an access authorization program
that meets the requirements of this part for more than 30 continuous
days, then the licensee or applicant shall terminate the individual's
unescorted access or unescorted access authorization status and the
individual shall meet the requirements in this section, as applicable,
to regain unescorted access or unescorted access authorization.
(j) Access to vital areas. Licensees or applicants shall establish,
implement, and maintain a list of individuals who are authorized to
have unescorted access to specific nuclear power plant vital areas
during non-emergency conditions. The list must include only those
individuals who have a continued need for access to those specific
vital areas in order to perform their duties and responsibilities. The
list must be approved by a cognizant licensee or applicant manager or
supervisor who is responsible for directing the work activities of the
individual who is granted unescorted access to each vital area, and
updated and re-approved no less frequently than every 31 days.
(k) Trustworthiness and reliability of background screeners and
access authorization program personnel. Licensees, applicants, and
contractors or vendors shall ensure that any individual who collects,
processes, or has access to personal information that is used to make
unescorted access or unescorted access authorization determinations
under this section has been determined to be trustworthy and reliable.
(1) Background screeners. Licensees, applicants, and contractors or
vendors who rely on individuals who are not directly under their
control to collect and process information that will be used by a
reviewing official to make
[[Page 13985]]
unescorted access or unescorted access authorization determinations
shall ensure that a trustworthiness and reliability evaluation of such
individuals has been completed to support a determination that such
individuals are trustworthy and reliable. At a minimum, the following
checks are required:
(i) Verify the individual's true identity as specified in paragraph
(d)(3) of this section;
(ii) A local criminal history review and evaluation based on
information obtained from an appropriate State or local court or agency
in which the individual resided;
(iii) A credit history review and evaluation;
(iv) An employment history review and evaluation covering the past
3 years; and
(v) An evaluation of character and reputation.
(2) Access authorization program personnel. Licensees, applicants,
and contractors or vendors shall ensure that any individual who
evaluates personal information for the purpose of processing
applications for unescorted access or unescorted access authorization,
including but not limited to a psychologist or psychiatrist who
conducts psychological assessments under Sec. 73.56(e), has access to
the files, records, and personal information associated with
individuals who have applied for unescorted access or unescorted access
authorization, or is responsible for managing any databases that
contain such files, records, and personal information has been
determined to be trustworthy and reliable, as follows:
(i) The individual is subject to an access authorization program
that meets the requirements of this section; or
(ii) The licensee, applicant, and contractor or vendor determines
that the individual is trustworthy and reliable based upon an
evaluation that meets the requirements of Sec. 73.56(d)(1) through
(d)(6) and (e) and either a local criminal history review and
evaluation as specified in Sec. 73.56(k)(1)(ii) or a criminal history
check that meets the requirements of Sec. 73.56(d)(7).
(l) Review procedures. Each licensee and applicant shall include a
procedure for the notification of individuals who are denied unescorted
access, unescorted access authorization, or who are unfavorably
terminated. Additionally, procedures must include provisions for the
review, at the request of the affected individual, of a denial or
unfavorable termination of unescorted access or unescorted access
authorization that may adversely affect employment. The procedure must
contain a provision to ensure the individual is informed of the grounds
for the denial or unfavorable termination and allow the individual an
opportunity to provide additional relevant information and an
opportunity for an objective review of the information upon which the
denial or unfavorable termination of unescorted access or unescorted
access authorization was based. The procedure must provide for an
impartial and independent internal management review. Licensees and
applicants shall not grant unescorted access or certify unescorted
access authorization, or permit the individual to maintain unescorted
access or unescorted access authorization during the review process.
(m) Protection of information. Each licensee, applicant,
contractor, or vendor shall establish and maintain a system of files
and procedures to ensure personal information is not disclosed to
unauthorized persons.
(1) Licensees, applicants and contractors or vendors shall obtain
signed consent from the subject individual that authorizes the
disclosure of any information collected and maintained under this
section before disclosing the information, except for disclosures to
the following individuals:
(i) The subject individual or his or her representative, when the
individual has designated the representative in writing for specified
unescorted access authorization matters;
(ii) NRC representatives;
(iii) Appropriate law enforcement officials under court order;
(iv) A licensee's, applicant's, or contractor's or vendor's
representatives who have a need to have access to the information in
performing assigned duties, including determinations of trustworthiness
and reliability and audits of access authorization programs;
(v) The presiding officer in a judicial or administrative
proceeding that is initiated by the subject individual;
(vi) Persons deciding matters under the review procedures in
paragraph (k) of this section; or
(vii) Other persons pursuant to court order.
(2) All information pertaining to a denial or unfavorable
termination of the individual's unescorted access or unescorted access
authorization shall be promptly provided, upon receipt of a written
request by the subject individual or his or her designated
representative as designated in writing. The licensee or applicant may
redact the information to be released to the extent that personal
privacy information, including the name of the source of the
information is withheld.
(3) A contract with any individual or organization who collects and
maintains personal information that is relevant to an unescorted access
or unescorted access authorization determination must require that such
records be held in confidence, except as provided in paragraphs (m)(1)
through (m)(2) of this section.
(4) Licensees, applicants, or contractors or vendors and any
individual or organization who collects and maintains personal
information on behalf of a licensee, applicant, or contractor or
vendor, shall establish, implement, and maintain a system and
procedures for the secure storage and handling of the information
collected.
(n) Audits and corrective action. Each licensee and applicant shall
be responsible for the continuing effectiveness of the access
authorization program, including access authorization program elements
that are provided by the contractors or vendors, and the access
authorization programs of any of the contractors or vendors that are
accepted by the licensee or applicant. Each licensee, applicant, and
contractor or vendor shall ensure that access authorization programs
and program elements are audited to confirm compliance with the
requirements of this section and those comprehensive actions are taken
to correct any non-conformance that is identified.
(1) Each licensee and applicant shall ensure that its entire access
authorization program is audited nominally every 24 months. Licensees,
applicants and contractors or vendors are responsible for determining
the appropriate frequency, scope, and depth of additional auditing
activities within the nominal 24-month period based on the review of
program performance indicators, such as the frequency, nature, and
severity of discovered problems, personnel or procedural changes, and
previous audit findings.
(2) Access authorization program services that are provided to a
licensee or applicant by contractor or vendor personnel who are off
site or are not under the direct daily supervision or observation of
the licensee's or applicant's personnel must be audited by the licensee
or applicant on a nominal 12-month frequency. In addition, any access
authorization program services that are provided to contractors or
vendors by subcontractor personnel who are off site or are not under
the direct daily supervision or observation of the contractor's or
vendor's personnel must be audited by
[[Page 13986]]
the licensee or applicant on a nominal 12-month frequency.
(3) Licensee's and applicant's contracts with contractors or
vendors must reserve the licensee's or applicant's right to audit the
contractors or vendors and the contractor's or vendor's subcontractors
providing access authorization program services at any time, including
at unannounced times, as well as to review all information and
documentation that is reasonably relevant to the performance of the
program.
(4) Licensee's and applicant's contracts with the contractors or
vendors, and contractors' or vendors' contracts with subcontractors,
must also require that the licensee or applicant shall be provided
access to and be permitted to take away copies of any documents or data
that may be needed to assure that the contractor or vendor and its
subcontractors are performing their functions properly and that staff
and procedures meet applicable requirements.
(5) Audits must focus on the effectiveness of the access
authorization program or program element(s), as appropriate. At least
one member of the licensee or applicant audit team shall be a person
who is knowledgeable of and practiced with meeting the performance
objectives and requirements of the access authorization program or
program elements being audited. The individuals performing the audit of
the access authorization program or program element(s) shall be
independent from both the subject access authorization programs'
management and from personnel who are directly responsible for
implementing the access authorization program or program elements being
audited.
(6) The results of the audits, along with any recommendations, must
be documented in the site corrective action program in accordance with
Sec. 73.55(b)(10) and reported to senior management having
responsibility in the area audited and to management responsible for
the access authorization program. Each audit report must identify
conditions that are adverse to the proper performance of the access
authorization program, the cause of the condition(s), and, when
appropriate, recommended corrective actions, and corrective actions
taken. The licensee, applicant, or contractor or vendor shall review
the audit findings and take any additional corrective actions, to
include re-auditing of the deficient areas where indicated, to preclude
repetition of the condition.
(7) Licensees and applicants may jointly conduct audits, or may
accept audits of the contractors or vendors that were conducted by
other licensees and applicants who are subject to this section, if the
audit addresses the services obtained from the contractor or vendor by
each of the sharing licensees and applicants. The contractors or
vendors may jointly conduct audits, or may accept audits of its
subcontractors that were conducted by other licensees, applicants, or
contractors or vendors who are subject to this section, if the audit
addresses the services obtained from the subcontractor by each of the
sharing licensees, applicants, and the contractors or vendors.
(i) Licensees, applicants, and contractors or vendors shall review
audit records and reports to identify any areas that were not covered
by the shared or accepted audit and ensure that authorization program
elements and services upon which the licensee, applicant, or contractor
or vendor relies are audited, if the program elements and services were
not addressed in the shared audit.
(ii) Sharing licensees and applicants need not re-audit the same
contractor or vendor for the same time. Sharing contractors or vendors
need not re-audit the same subcontractor for the same time.
(iii) Sharing licensees, applicants, and contractors or vendors
shall maintain a copy of the shared audits, including findings,
recommendations, and corrective actions.
(o) Records. Licensee, applicants, and contractors or vendors shall
maintain the records that are required by the regulations in this
section for the period specified by the appropriate regulation. If a
retention period is not otherwise specified, these records must be
retained until the Commission terminates the facility's license,
certificate, or other regulatory approval.
(1) Records may be stored and archived electronically, provided
that the method used to create the electronic records meets the
following criteria:
(i) Provides an accurate representation of the original records;
(ii) Prevents unauthorized access to the records;
(iii) Prevents the alteration of any archived information and/or
data once it has been committed to storage; and
(iv) Permits easy retrieval and re-creation of the original
records.
(2) Licensees and applicants who are subject to this section shall
retain the following records:
(i) Records of the information that must be collected under
paragraphs (d) and (e) of this section that results in the granting of
unescorted access or rtifying of unescorted access authorization for at
least 5 years after the licensee or applicant terminates or denies an
individual's unescorted access or unescorted access authorization or
until the completion of all related legal proceedings, whichever is
later;
(ii) Records pertaining to denial or unfavorable termination of
unescorted access or unescorted access authorization and related
management actions for at least 5 years after the licensee or applicant
terminates or denies an individual's unescorted access or unescorted
access authorization or until the completion of all related legal
proceedings, whichever is later; and
(iii) Documentation of the granting and termination of unescorted
access or unescorted access authorization for at least 5 years after
the licensee or applicant terminates or denies an individual's
unescorted access or unescorted access authorization or until the
completion of all related legal proceedings, whichever is later.
Contractors or vendors may maintain the records that are or were
pertinent to granting, certifying, denying, or terminating unescorted
access or unescorted access authorization that they collected for
licensees or applicants. If the contractors or vendors maintain the
records on behalf of a licensee or an applicant, they shall follow the
record retention requirement specified in this section. Upon
termination of a contract between the contractor and vendor and a
licensee or applicant, the contractor or vendor shall provide the
licensee or applicant with all records collected for the licensee or
applicant under this chapter.
(3) Licensees, applicants, and contractors or vendors shall retain
the following records for at least 3 years or until the completion of
all related proceedings, whichever is later:
(i) Records of behavioral observation training conducted under
paragraph (f)(2) of this section; and
(ii) Records of audits, audit findings, and corrective actions
taken under paragraph (n) of this section.
(4) Licensees, applicants, and contractors or vendors shall retain
written agreements for the provision of services under this section,
for three years after termination or completion of the agreement, or
until completion of all proceedings related to a denial or unfavorable
termination of unescorted access or unescorted access authorization
that involved those services, whichever is later.
(5) Licensees, applicants, and contractors or vendors shall retain
[[Page 13987]]
records of the background investigations, psychological assessments,
supervisory reviews, and behavior observation program actions related
to access authorization program personnel, conducted under paragraphs
(d) and (e) of this section, for the length of the individual's
employment by or contractual relationship with the licensee, applicant,
or the contractor or vendor and three years after the termination of
employment, or until the completion of any proceedings relating to the
actions of such access authorization program personnel, whichever is
later.
(6) Licensees, applicants, and the contractors or vendors who have
been authorized to add or manipulate data that is shared with licensees
subject to this section shall ensure that data linked to the
information about individuals who have applied for unescorted access or
unescorted access authorization, which is specified in the licensee's
or applicant's access authorization program documents, is retained.
(i) If the shared information used for determining individual's
trustworthiness and reliability changes or new or additional
information is developed about the individual, the licensees,
applicants, and the contractors or vendors that acquire this
information shall correct or augment the data and ensure it is shared
with licensees subject to this section. If the changed, additional or
developed information has implications for adversely affecting an
individual's trustworthiness and reliability, the licensee, applicant,
or the contractor or vendor who discovered or obtained the new,
additional or changed information, shall, on the day of discovery,
inform the reviewing official of any licensee or applicant access
authorization program under which the individual is maintaining his or
her unescorted access or unescorted access authorization status of the
updated information.
(ii) The reviewing official shall evaluate the shared information
and take appropriate actions, which may include denial or unfavorable
termination of the individual's unescorted access authorization. If the
notification of change or updated information cannot be made through
usual methods, licensees, applicants, and the contractors or vendors
shall take manual actions to ensure that the information is shared as
soon as reasonably possible. Records maintained in any database(s) must
be available for NRC review.
(7) If a licensee or applicant administratively withdraws an
individual's unescorted access or unescorted access authorization
status caused by a delay in completing any portion of the background
investigation or for a licensee or applicant initiated evaluation, or
re-evaluation that is not under the individual's control, the licensee
or applicant shall record this administrative action to withdraw the
individual's unescorted access or unescorted access authorization with
other licensees subject to this section. However, licensees and
applicants shall not document this administrative withdrawal as denial
or unfavorable termination and shall not respond to a suitable inquiry
conducted under the provisions of 10 CFR parts 26, a background
investigation conducted under the provisions of this section, or any
other inquiry or investigation as denial nor unfavorable termination.
Upon favorable completion of the background investigation element that
caused the administrative withdrawal, the licensee or applicant shall
immediately ensure that any matter that could link the individual to
the administrative action is eliminated from the subject individual's
access authorization or personnel record and other records, except if a
review of the information obtained or developed causes the reviewing
official to unfavorably terminate or deny the individual's unescorted
access.
0
14. Section 73.58 is added to read as follows:
Sec. 73.58 Safety/security interface requirements for nuclear power
reactors.
(a) Each operating nuclear power reactor licensee with a license
issued under part 50 or 52 of this chapter shall comply with the
requirements of this section.
(b) The licensee shall assess and manage the potential for adverse
effects on safety and security, including the site emergency plan,
before implementing changes to plant configurations, facility
conditions, or security.
(c) The scope of changes to be assessed and managed must include
planned and emergent activities (such as, but not limited to, physical
modifications, procedural changes, changes to operator actions or
security assignments, maintenance activities, system reconfiguration,
access modification or restrictions, and changes to the security plan
and its implementation).
(d) Where potential conflicts are identified, the licensee shall
communicate them to appropriate licensee personnel and take
compensatory and/or mitigative actions to maintain safety and security
under applicable Commission regulations, requirements, and license
conditions.
0
15. In appendix B to part 73:
0
a. Add a new section heading VI to the Table of Contents.
0
b. Amend the Introduction by adding a new paragraph to the beginning of
the text, and
0
c. Add section VI to the end of the appendix to read as follows:
Appendix B to Part 73--General Criteria for Security Personnel
Table of Contents
* * * * *
VI. Nuclear Power Reactor Training and Qualification Plan for Personnel
Performing Security Program Duties
A. General Requirements and Introduction
B. Employment Suitability and Qualification
C. Duty Training
D. Duty Qualification and Requalification
E. Weapons Training
F. Weapons Qualification and Requalification Program
G. Weapons, Personal Equipment and Maintenance
H. Records
I. Reviews
J. Definitions
Introduction
Applicants and power reactor licensees subject to the
requirements of Sec. 73.55 shall comply only with the requirements
of section VI of this appendix. All other licensees, applicants, or
certificate holders shall comply only with sections I through V of
this appendix.
* * * * *
VI. Nuclear Power Reactor Training and Qualification Plan for Personnel
Performing Security Program Duties
A. General Requirements and Introduction
1. The licensee shall ensure that all individuals who are
assigned duties and responsibilities required to prevent significant
core damage and spent fuel sabotage, implement the Commission-
approved security plans, licensee response strategy, and
implementing procedures, meet minimum training and qualification
requirements to ensure each individual possesses the knowledge,
skills, and abilities required to effectively perform the assigned
duties and responsibilities.
2. To ensure that those individuals who are assigned to perform
duties and responsibilities required for the implementation of the
Commission-approved security plans, licensee response strategy, and
implementing procedures are properly suited, trained, equipped, and
qualified to perform their assigned duties and responsibilities, the
Commission has developed minimum training and qualification
requirements that must be implemented through a Commission-approved
training and qualification plan.
3. The licensee shall establish, maintain, and follow a
Commission-approved training and qualification plan, describing how
the
[[Page 13988]]
minimum training and qualification requirements set forth in this
appendix will be met, to include the processes by which all
individuals, will be selected, trained, equipped, tested, and
qualified.
4. Each individual assigned to perform security program duties
and responsibilities required to effectively implement the
Commission-approved security plans, licensee protective strategy,
and the licensee implementing procedures, shall demonstrate the
knowledge, skills, and abilities required to effectively perform the
assigned duties and responsibilities before the individual is
assigned the duty or responsibility.
5. The licensee shall ensure that the training and qualification
program simulates, as closely as practicable, the specific
conditions under which the individual shall be required to perform
assigned duties and responsibilities.
6. The licensee may not allow any individual to perform any
security function, assume any security duties or responsibilities,
or return to security duty, until that individual satisfies the
training and qualification requirements of this appendix and the
Commission-approved training and qualification plan, unless
specifically authorized by the Commission.
7. Annual requirements must be scheduled at a nominal twelve
(12) month periodicity. Annual requirements may be completed up to
three (3) months before or three (3) months after the scheduled
date. However, the next annual training must be scheduled twelve
(12) months from the previously scheduled date rather than the date
the training was actually completed.
B. Employment Suitability and Qualification
1. Suitability.
(a) Before employment, or assignment to the security
organization, an individual shall:
(1) Possess a high school diploma or pass an equivalent
performance examination designed to measure basic mathematical,
language, and reasoning skills, abilities, and knowledge required to
perform security duties and responsibilities;
(2) Have attained the age of 21 for an armed capacity or the age
of 18 for an unarmed capacity; and
(3) Not have any felony convictions that reflect on the
individual's reliability.
(4) Individuals in an armed capacity, would not be disqualified
from possessing or using firearms or ammunition in accordance with
applicable state or Federal law, to include 18 U.S.C. 922. Licensees
shall use information that has been obtained during the completion
of the individual's background investigation for unescorted access
to determine suitability. Satisfactory completion of a firearms
background check for the individual under 10 CFR 73.19 of this part
will also fulfill this requirement.
(b) The qualification of each individual to perform assigned
duties and responsibilities must be documented by a qualified
training instructor and attested to by a security supervisor.
2. Physical qualifications.
(a) General physical qualifications.
(1) Individuals whose duties and responsibilities are directly
associated with the effective implementation of the Commission-
approved security plans, licensee protective strategy, and
implementing procedures, may not have any physical conditions that
would adversely affect their performance of assigned security duties
and responsibilities.
(2) Armed and unarmed individuals assigned security duties and
responsibilities shall be subject to a physical examination designed
to measure the individual's physical ability to perform assigned
duties and responsibilities as identified in the Commission-approved
security plans, licensee protective strategy, and implementing
procedures.
(3) This physical examination must be administered by a licensed
health professional with the final determination being made by a
licensed physician to verify the individual's physical capability to
perform assigned duties and responsibilities.
(4) The licensee shall ensure that both armed and unarmed
individuals who are assigned security duties and responsibilities
identified in the Commission-approved security plans, the licensee
protective strategy, and implementing procedures, meet the following
minimum physical requirements, as required to effectively perform
their assigned duties.
(b) Vision.
(1) For each individual, distant visual acuity in each eye shall
be correctable to 20/30 (Snellen or equivalent) in the better eye
and 20/40 in the other eye with eyeglasses or contact lenses.
(2) Near visual acuity, corrected or uncorrected, shall be at
least 20/40 in the better eye.
(3) Field of vision must be at least 70 degrees horizontal
meridian in each eye.
(4) The ability to distinguish red, green, and yellow colors is
required.
(5) Loss of vision in one eye is disqualifying.
(6) Glaucoma is disqualifying, unless controlled by acceptable
medical or surgical means, provided that medications used for
controlling glaucoma do not cause undesirable side effects which
adversely affect the individual's ability to perform assigned
security duties, and provided the visual acuity and field of vision
requirements stated previously are met.
(7) On-the-job evaluation must be used for individuals who
exhibit a mild color vision defect.
(8) If uncorrected distance vision is not at least 20/40 in the
better eye, the individual shall carry an extra pair of corrective
lenses in the event that the primaries are damaged. Corrective
eyeglasses must be of the safety glass type.
(9) The use of corrective eyeglasses or contact lenses may not
interfere with an individual's ability to effectively perform
assigned duties and responsibilities during normal or emergency
conditions.
(c) Hearing.
(1) Individuals may not have hearing loss in the better ear
greater than 30 decibels average at 500 Hz, 1,000 Hz, and 2,000 Hz
with no level greater than 40 decibels at any one frequency.
(2) A hearing aid is acceptable provided suitable testing
procedures demonstrate auditory acuity equivalent to the hearing
requirement.
(3) The use of a hearing aid may not decrease the effective
performance of the individual's assigned security duties during
normal or emergency operations.
(d) Existing medical conditions.
(1) Individuals may not have an established medical history or
medical diagnosis of existing medical conditions which could
interfere with or prevent the individual from effectively performing
assigned duties and responsibilities.
(2) If a medical condition exists, the individual shall provide
medical evidence that the condition can be controlled with medical
treatment in a manner which does not adversely affect the
individual's fitness-for-duty, mental alertness, physical condition,
or capability to otherwise effectively perform assigned duties and
responsibilities.
(e) Addiction. Individuals may not have any established medical
history or medical diagnosis of habitual alcoholism or drug
addiction, or, where this type of condition has existed, the
individual shall provide certified documentation of having completed
a rehabilitation program which would give a reasonable degree of
confidence that the individual would be capable of effectively
performing assigned duties and responsibilities.
(f) Other physical requirements. An individual who has been
incapacitated due to a serious illness, injury, disease, or
operation, which could interfere with the effective performance of
assigned duties and responsibilities shall, before resumption of
assigned duties and responsibilities, provide medical evidence of
recovery and ability to perform these duties and responsibilities.
3. Psychological qualifications.
(a) Armed and unarmed individuals shall demonstrate the ability
to apply good judgment, mental alertness, the capability to
implement instructions and assigned tasks, and possess the acuity of
senses and ability of expression sufficient to permit accurate
communication by written, spoken, audible, visible, or other signals
required by assigned duties and responsibilities.
(b) A licensed psychologist, psychiatrist, or physician trained
in part to identify emotional instability shall determine whether
armed members of the security organization and alarm station
operators in addition to meeting the requirement stated in paragraph
(a) of this section, have no emotional instability that would
interfere with the effective performance of assigned duties and
responsibilities.
(c) A person professionally trained to identify emotional
instability shall determine whether unarmed individuals in addition
to meeting the requirement stated in paragraph (a) of this section,
have no emotional instability that would interfere with the
effective performance of assigned duties and responsibilities.
4. Medical examinations and physical fitness qualifications.
(a) Armed members of the security organization shall be subject
to a medical examination by a licensed physician, to determine the
individual's fitness to participate in physical fitness tests.
[[Page 13989]]
(1) The licensee shall obtain and retain a written certification
from the licensed physician that no medical conditions were
disclosed by the medical examination that would preclude the
individual's ability to participate in the physical fitness tests or
meet the physical fitness attributes or objectives associated with
assigned duties.
(b) Before assignment, armed members of the security
organization shall demonstrate physical fitness for assigned duties
and responsibilities by performing a practical physical fitness
test.
(1) The physical fitness test must consider physical conditions
such as strenuous activity, physical exertion, levels of stress, and
exposure to the elements as they pertain to each individual's
assigned security duties for both normal and emergency operations
and must simulate site specific conditions under which the
individual will be required to perform assigned duties and
responsibilities.
(2) The licensee shall describe the physical fitness test in the
Commission-approved training and qualification plan.
(3) The physical fitness test must include physical attributes
and performance objectives which demonstrate the strength,
endurance, and agility, consistent with assigned duties in the
Commission-approved security plans, licensee protective strategy,
and implementing procedures during normal and emergency conditions.
(4) The physical fitness qualification of each armed member of
the security organization must be documented by a qualified training
instructor and attested to by a security supervisor.
5. Physical requalification.
(a) At least annually, armed and unarmed individuals shall be
required to demonstrate the capability to meet the physical
requirements of this appendix and the licensee training and
qualification plan.
(b) The physical requalification of each armed and unarmed
individual must be documented by a qualified training instructor and
attested to by a security supervisor.
C. Duty Training
1. Duty training and qualification requirements. All personnel
who are assigned to perform any security-related duty or
responsibility shall be trained and qualified to perform assigned
duties and responsibilities to ensure that each individual possesses
the minimum knowledge, skills, and abilities required to effectively
carry out those assigned duties and responsibilities.
(a) The areas of knowledge, skills, and abilities that are
required to perform assigned duties and responsibilities must be
identified in the licensee's Commission-approved training and
qualification plan.
(b) Each individual who is assigned duties and responsibilities
identified in the Commission-approved security plans, licensee
protective strategy, and implementing procedures shall, before
assignment:
(1) Be trained to perform assigned duties and responsibilities
in accordance with the requirements of this appendix and the
Commission-approved training and qualification plan.
(2) Meet the minimum qualification requirements of this appendix
and the Commission-approved training and qualification plan.
(3) Be trained and qualified in the use of all equipment or
devices required to effectively perform all assigned duties and
responsibilities.
2. On-the-job training.
(a) The licensee training and qualification program must include
on-the-job training performance standards and criteria to ensure
that each individual demonstrates the requisite knowledge, skills,
and abilities needed to effectively carry-out assigned duties and
responsibilities in accordance with the Commission-approved security
plans, licensee protective strategy, and implementing procedures,
before the individual is assigned the duty or responsibility.
(b) In addition to meeting the requirement stated in paragraph
C.2.(a) of this appendix, before assignment, individuals (e.g.
response team leaders, alarm station operators, armed responders,
and armed security officers designated as a component of the
protective strategy) assigned duties and responsibilities to
implement the Safeguards Contingency Plan shall complete a minimum
of 40 hours of on-the-job training to demonstrate their ability to
effectively apply the knowledge, skills, and abilities required to
effectively perform assigned contingency duties and responsibilities
in accordance with the approved safeguards contingency plan, other
security plans, licensee protective strategy, and implementing
procedures. On-the-job training must be documented by a qualified
training instructor and attested to by a security supervisor.
(c) On-the-job training for contingency activities and drills
must include, but is not limited to, hands-on application of
knowledge, skills, and abilities related to:
(1) Response team duties.
(2) Use of force.
(3) Tactical movement.
(4) Cover and concealment.
(5) Defensive positions.
(6) Fields-of-fire.
(7) Re-deployment.
(8) Communications (primary and alternate).
(9) Use of assigned equipment.
(10) Target sets.
(11) Table top drills.
(12) Command and control duties.
(13) Licensee Protective Strategy.
3. Performance Evaluation Program.
(a) Licensees shall develop, implement and maintain a
Performance Evaluation Program that is documented in procedures
which describes how the licensee will demonstrate and assess the
effectiveness of their onsite physical protection program and
protective strategy, including the capability of the armed response
team to carry out their assigned duties and responsibilities during
safeguards contingency events. The Performance Evaluation Program
and procedures shall be referenced in the licensee's Training and
Qualifications Plan.
(b) The Performance Evaluation Program shall include procedures
for the conduct of tactical response drills and force-on-force
exercises designed to demonstrate and assess the effectiveness of
the licensee's physical protection program, protective strategy and
contingency event response by all individuals with responsibilities
for implementing the safeguards contingency plan.
(c) The licensee shall conduct tactical response drills and
force-on-force exercises in accordance with Commission-approved
security plans, licensee protective strategy, and implementing
procedures.
(d) Tactical response drills and force-on-force exercises must
be designed to challenge the site protective strategy against
elements of the design basis threat and ensure each participant
assigned security duties and responsibilities identified in the
Commission-approved security plans, the licensee protective
strategy, and implementing procedures demonstrate the requisite
knowledge, skills, and abilities.
(e) Tactical response drills, force-on-force exercises, and
associated contingency response training shall be conducted under
conditions that simulate, as closely as practicable, the site-
specific conditions under which each member will, or may be,
required to perform assigned duties and responsibilities.
(f) The scope of tactical response drills conducted for training
purposes shall be determined by the licensee and must address site-
specific, individual or programmatic elements, and may be limited to
specific portions of the site protective strategy.
(g) Each tactical response drill and force-on-force exercise
shall include a documented post-exercise critique in which
participants identify failures, deficiencies or other findings in
performance, plans, equipment or strategies.
(h) Licensees shall document scenarios and participants for all
tactical response drills and annual force-on-force exercises
conducted.
(i) Findings, deficiencies and failures identified during
tactical response drills and force-on-force exercises that adversely
affect or decrease the effectiveness of the protective strategy and
physical protection program shall be entered into the licensee's
corrective action program to ensure that timely corrections are made
to the appropriate program areas.
(j) Findings, deficiencies and failures associated with the
onsite physical protection program and protective strategy shall be
protected as necessary in accordance with the requirements of 10 CFR
73.21.
(k) For the purpose of tactical response drills and force-on-
force exercises, licensees shall:
(1) Use no more than the total number of armed responders and
armed security officers documented in the security plans.
(2) Minimize the number and effects of artificialities
associated with tactical response drills and force-on-force
exercises.
(3) Implement the use of systems or methodologies that simulate
the realities of armed engagement through visual and audible means,
and reflect the capabilities of armed personnel to neutralize a
target though the use of firearms.
(4) Ensure that each scenario used provides a credible,
realistic challenge to the
[[Page 13990]]
protective strategy and the capabilities of the security response
organization.
(l) The Performance Evaluation Program must be designed to
ensure that:
(1) Each member of each shift who is assigned duties and
responsibilities required to implement the safeguards contingency
plan and licensee protective strategy participates in at least one
(1) tactical response drill on a quarterly basis and one (1) force-
on-force exercise on an annual basis. Force-on-force exercises
conducted to satisfy the NRC triennial evaluation requirement can be
used to satisfy the annual force-on-force requirement for the
personnel that participate in the capacity of the security response
organization.
(2) The mock adversary force replicates, as closely as possible,
adversary characteristics and capabilities of the design basis
threat described in 10 CFR 73.1(a)(1), and is capable of exploiting
and challenging the licensees protective strategy, personnel,
command and control, and implementing procedures.
(3) Protective strategies can be evaluated and challenged
through the conduct of tactical response tabletop demonstrations.
(4) Drill and exercise controllers are trained and qualified to
ensure that each controller has the requisite knowledge and
experience to control and evaluate exercises.
(5) Tactical response drills and force-on-force exercises are
conducted safely and in accordance with site safety plans.
(m) Scenarios.
(1) Licensees shall develop and document multiple scenarios for
use in conducting quarterly tactical response drills and annual
force-on-force exercises.
(2) Licensee scenarios must be designed to test and challenge
any components or combination of components, of the onsite physical
protection program and protective strategy.
(3) Each scenario must use a unique target set or target sets,
and varying combinations of adversary equipment, strategies, and
tactics, to ensure that the combination of all scenarios challenges
every component of the onsite physical protection program and
protective strategy to include, but not limited to, equipment,
implementing procedures, and personnel.
D. Duty Qualification and Requalification
1. Qualification demonstration.
(a) Armed and unarmed individuals shall demonstrate the required
knowledge, skills, and abilities to carry out assigned duties and
responsibilities as stated in the Commission-approved security
plans, licensee protective strategy, and implementing procedures.
(b) This demonstration must include written exams and hands-on
performance demonstrations.
(1) Written Exams. The written exams must include those elements
listed in the Commission-approved training and qualification plan
and shall require a minimum score of 80 percent to demonstrate an
acceptable understanding of assigned duties and responsibilities, to
include the recognition of potential tampering involving both safety
and security equipment and systems.
(2) Hands-on Performance Demonstrations. Armed and unarmed
individuals shall demonstrate hands-on performance for assigned
duties and responsibilities by performing a practical hands-on
demonstration for required tasks. The hands-on demonstration must
ensure that theory and associated learning objectives for each
required task are considered and each individual demonstrates the
knowledge, skills, and abilities required to effectively perform the
task.
(3) Annual Written Exam. Armed individuals shall be administered
an annual written exam that demonstrates the required knowledge,
skills, and abilities to carry out assigned duties and
responsibilities as an armed member of the security organization.
The annual written exam must include those elements listed in the
Commission-approved training and qualification plan and shall
require a minimum score of 80 percent to demonstrate an acceptable
understanding of assigned duties and responsibilities.
(c) Upon request by an authorized representative of the
Commission, any individual assigned to perform any security-related
duty or responsibility shall demonstrate the required knowledge,
skills, and abilities for each assigned duty and responsibility, as
stated in the Commission-approved security plans, licensee
protective strategy, or implementing procedures.
2. Requalification.
(a) Armed and unarmed individuals shall be requalified at least
annually in accordance with the requirements of this appendix and
the Commission-approved training and qualification plan.
(b) The results of requalification must be documented by a
qualified training instructor and attested by a security supervisor.
E. Weapons Training
1. General firearms training.
(a) Armed members of the security organization shall be trained
and qualified in accordance with the requirements of this appendix
and the Commission-approved training and qualification plan.
(b) Firearms instructors.
(1) Each armed member of the security organization shall be
trained and qualified by a certified firearms instructor for the use
and maintenance of each assigned weapon to include but not limited
to, marksmanship, assembly, disassembly, cleaning, storage,
handling, clearing, loading, unloading, and reloading, for each
assigned weapon.
(2) Firearms instructors shall be certified from a national or
state recognized entity.
(3) Certification must specify the weapon or weapon type(s) for
which the instructor is qualified to teach.
(4) Firearms instructors shall be recertified in accordance with
the standards recognized by the certifying national or state entity,
but in no case shall recertification exceed three (3) years.
(c) Annual firearms familiarization. The licensee shall conduct
annual firearms familiarization training in accordance with the
Commission-approved training and qualification plan.
(d) The Commission-approved training and qualification plan
shall include, but is not limited to, the following areas:
(1) Mechanical assembly, disassembly, weapons capabilities and
fundamentals of marksmanship.
(2) Weapons cleaning and storage.
(3) Combat firing, day and night.
(4) Safe weapons handling.
(5) Clearing, loading, unloading, and reloading.
(6) Firing under stress.
(7) Zeroing duty weapon(s) and weapons sighting adjustments.
(8) Target identification and engagement.
(9) Weapon malfunctions.
(10) Cover and concealment.
(11) Weapon familiarization.
(e) The licensee shall ensure that each armed member of the
security organization is instructed on the use of deadly force as
authorized by applicable state law.
(f) Armed members of the security organization shall participate
in weapons range activities on a nominal four (4) month periodicity.
Performance may be conducted up to five (5) weeks before, to five
(5) weeks after, the scheduled date. The next scheduled date must be
four (4) months from the originally scheduled date.
F. Weapons Qualification and Requalification Program
1. General weapons qualification requirements.
(a) Qualification firing must be accomplished in accordance with
Commission requirements and the Commission-approved training and
qualification plan for assigned weapons.
(b) The results of weapons qualification and requalification
must be documented and retained as a record.
2. Tactical weapons qualification. The licensee Training and
Qualification Plan must describe the firearms used, the firearms
qualification program, and other tactical training required to
implement the Commission-approved security plans, licensee
protective strategy, and implementing procedures. Licensee developed
tactical qualification and re-qualification courses must describe
the performance criteria needed to include the site specific
conditions (such as lighting, elevation, fields-of-fire) under which
assigned personnel shall be required to carry-out their assigned
duties.
3. Firearms qualification courses. The licensee shall conduct
the following qualification courses for each weapon used.
(a) Annual daylight qualification course. Qualifying score must
be an accumulated total of 70 percent with handgun and shotgun, and
80 percent with semiautomatic rifle and/or enhanced weapons, of the
maximum obtainable target score.
(b) Annual night fire qualification course. Qualifying score
must be an accumulated total of 70 percent with handgun and shotgun,
and 80 percent with semiautomatic rifle and/or enhanced weapons, of
the maximum obtainable target score.
(c) Annual tactical qualification course. Qualifying score must
be an accumulated total of 80 percent of the maximum obtainable
score.
4. Courses of fire.
(a) Handgun. Armed members of the security organization,
assigned duties and
[[Page 13991]]
responsibilities involving the use of a revolver or semiautomatic
pistol shall qualify in accordance with standards established by a
law enforcement course, or an equivalent nationally recognized
course.
(b) Semiautomatic rifle. Armed members of the security
organization, assigned duties and responsibilities involving the use
of a semiautomatic rifle shall qualify in accordance with the
standards established by a law enforcement course, or an equivalent
nationally recognized course.
(c) Shotgun. Armed members of the security organization,
assigned duties and responsibilities involving the use of a shotgun
shall qualify in accordance with standards established by a law
enforcement course, or an equivalent nationally recognized course.
(d) Enhanced weapons. Armed members of the security
organization, assigned duties and responsibilities involving the use
of any weapon or weapons not described previously shall qualify in
accordance with applicable standards established by a law
enforcement course or an equivalent nationally recognized course for
these weapons.
5. Firearms requalification.
(a) Armed members of the security organization shall be re-
qualified for each assigned weapon at least annually in accordance
with Commission requirements and the Commission-approved training
and qualification plan, and the results documented and retained as a
record.
(b) Firearms requalification must be conducted using the courses
of fire outlined in paragraphs F.2, F.3, and F.4 of this section.
G. Weapons, Personal Equipment and Maintenance
1. Weapons. The licensee shall provide armed personnel with
weapons that are capable of performing the function stated in the
Commission-approved security plans, licensee protective strategy,
and implementing procedures.
2. Personal equipment.
(a) The licensee shall ensure that each individual is equipped
or has ready access to all personal equipment or devices required
for the effective implementation of the Commission-approved security
plans, licensee protective strategy, and implementing procedures.
(b) The licensee shall provide armed security personnel,
required for the effective implementation of the Commission-approved
Safeguards Contingency Plan and implementing procedures, at a
minimum, but is not limited to, the following:
(1) Gas mask, full face.
(2) Body armor (bullet-resistant vest).
(3) Ammunition/equipment belt.
(4) Two-way portable radios, 2 channels minimum, 1 operating and
1 emergency.
(c) Based upon the licensee protective strategy and the specific
duties and responsibilities assigned to each individual, the
licensee should provide, as appropriate, but is not limited to, the
following.
(1) Flashlights and batteries.
(2) Baton or other non-lethal weapons.
(3) Handcuffs.
(4) Binoculars.
(5) Night vision aids (e.g., goggles, weapons sights).
(6) Hand-fired illumination flares or equivalent.
(7) Duress alarms.
3. Maintenance.
(a) Firearms maintenance program. Each licensee shall implement
a firearms maintenance and accountability program in accordance with
the Commission regulations and the Commission-approved training and
qualification plan. The program must include:
(1) Semiannual test firing for accuracy and functionality.
(2) Firearms maintenance procedures that include cleaning
schedules and cleaning requirements.
(3) Program activity documentation.
(4) Control and accountability (weapons and ammunition).
(5) Firearm storage requirements.
(6) Armorer certification.
H. Records
1. The licensee shall retain all reports, records, or other
documentation required by this appendix in accordance with the
requirements of Sec. 73.55(r).
2. The licensee shall retain each individual's initial
qualification record for three (3) years after termination of the
individual's employment and shall retain each re-qualification
record for three (3) years after it is superseded.
3. The licensee shall document data and test results from each
individual's suitability, physical, and psychological qualification
and shall retain this documentation as a record for three (3) years
from the date of obtaining and recording these results.
I. Reviews
The licensee shall review the Commission-approved training and
qualification program in accordance with the requirements of Sec.
73.55(n).
J. Definitions
Terms defined in parts 50, 70, and 73 of this chapter have the
same meaning when used in this appendix.
0
16. In appendix C to part 73, the heading for appendix C is revised as
set out below, a heading for section I and a new introductory paragraph
are added before the Introduction section, and section II is added at
the end of the appendix to read as follows:
Appendix C to Part 73--Nuclear Power Plant Safeguards Contingency Plans
I. Safeguards Contingency Plan
Licensee, applicants, and certificate holders, with the
exception of those who are subject to the requirements of Sec.
73.55 shall comply with the requirements of this section.
* * * * *
II. Nuclear Power Plant Safeguards Contingency Plans
A. Introduction
The safeguards contingency plan is a documented plan that
describes how licensee personnel implement their physical protection
program to defend against threats to their facility, up to and
including the design basis threat of radiological sabotage. The
goals of licensee safeguards contingency plans are:
(1) To organize the response effort at the licensee level;
(2) To provide predetermined, structured response by licensees
to safeguards contingencies;
(3) To ensure the integration of the licensee response by other
entities; and
(4) To achieve a measurable performance in response capability.
Licensee safeguards contingency planning should result in
organizing the licensee's resources in such a way that the
participants will be identified, their responsibilities specified,
and the responses coordinated. The responses should be timely, and
include personnel who are trained and qualified to respond in
accordance with a documented training and qualification program.
The evaluation, validation, and testing of this portion of the
program shall be conducted in accordance with appendix B of this
part, General Criteria for Security Personnel. The licensee's
safeguards contingency plan is intended to maintain effectiveness
during the implementation of emergency plans developed under
appendix E to part 50 of this chapter.
B. Contents of the Plan
Each safeguards contingency plan shall include five (5)
categories of information:
(1) Background.
(2) Generic planning base.
(3) Licensee planning base.
(4) Responsibility matrix.
(5) Implementing procedures.
Although the implementing procedures (the fifth category of plan
information) are the culmination of the planning process, and are an
integral and important part of the safeguards contingency plan, they
entail operating details subject to frequent changes. They need not
be submitted to the Commission for approval, but are subject to
inspection by NRC staff on a periodic basis.
1. Background. This category of information shall identify the
perceived dangers and incidents that the plan will address and a
general description of how the response is organized.
a. Perceived Danger--Consistent with the design basis threat
specified in Sec. 73.1(a)(1), licensees shall identify and describe
the perceived dangers, threats, and incidents against which the
safeguards contingency plan is designed to protect.
b. Purpose of the Plan--Licensees shall describe the general
goals, objectives and operational concepts underlying the
implementation of the approved safeguards contingency plan.
c. Scope of the Plan--A delineation of the types of incidents
covered by the plan.
(i) How the onsite response effort is organized and coordinated
to effectively respond to a safeguards contingency event.
(ii) How the onsite response for safeguards contingency events
has been integrated in other site emergency response procedures.
d. Definitions--A list of terms and their definitions used in
describing operational and technical aspects of the approved
safeguards contingency plan.
2. Generic Planning Base. Licensees shall define the criteria
for initiation and
[[Page 13992]]
termination of responses to security events to include the specific
decisions, actions, and supporting information needed to respond to
each type of incident covered by the approved safeguards contingency
plan. To achieve this result the generic planning base must:
a. Identify those events that will be used for signaling the
beginning or aggravation of a safeguards contingency event according
to how they are perceived initially by licensee's personnel.
Licensees shall ensure detection of unauthorized activities and
shall respond to all alarms or other indications signaling a
security event, such as penetration of a protected area, vital area,
or unauthorized barrier penetration (vehicle or personnel);
tampering, bomb threats, or other threat warnings--either verbal,
such as telephoned threats, or implied, such as escalating civil
disturbances.
b. Define the specific objective to be accomplished relative to
each identified safeguards contingency event. The objective may be
to obtain a level of awareness about the nature and severity of the
safeguards contingency to prepare for further responses; to
establish a level of response preparedness; or to successfully
nullify or reduce any adverse safeguards consequences arising from
the contingency.
c. Identify the data, criteria, procedures, mechanisms and
logistical support necessary to achieve the objectives identified.
3. Licensee Planning Base. This category of information shall
include factors affecting safeguards contingency planning that are
specific for each facility. To the extent that the topics are
treated in adequate detail in the licensee's approved physical
security plan, they may be incorporated by reference in the
Safeguards Contingency Plan. The following topics must be addressed:
a. Organizational Structure. The safeguards contingency plan
must describe the organization's chain of command and delegation of
authority during safeguards contingency events, to include a general
description of how command and control functions will be coordinated
and maintained.
b. Physical Layout. The safeguards contingency plan must include
a site map depicting the physical structures located on the site,
including onsite independent spent fuel storage installations, and a
description of the structures depicted on the map. Plans must also
include a description and map of the site in relation to nearby
towns, transportation routes (e.g., rail, water, and roads),
pipelines, airports, hazardous material facilities, and pertinent
environmental features that may have an effect upon coordination of
response activities. Descriptions and maps must indicate main and
alternate entry routes for law enforcement or other offsite response
and support agencies and the location for marshaling and
coordinating response activities.
c. Safeguards Systems. The safeguards contingency plan must
include a description of the physical security systems that support
and influence how the licensee will respond to an event in
accordance with the design basis threat described in Sec. 73.1(a).
The licensee's description shall begin with onsite physical
protection measures implemented at the outermost facility perimeter,
and must move inward through those measures implemented to protect
target set equipment.
(i) Physical security systems and security systems hardware to
be discussed include security systems and measures that provide
defense in depth, such as physical barriers, alarm systems, locks,
area access, armaments, surveillance, and communications systems.
(ii) The specific structure of the security response
organization to include the total number of armed responders and
armed security officers documented in the approved security plans as
a component of the protective strategy and a general description of
response capabilities shall also be included in the safeguards
contingency plan.
(iii) Licensees shall ensure that individuals assigned duties
and responsibilities to implement the safeguards contingency plan
are trained and qualified in those duties according to the
Commission approved security plans, training and qualification
plans, and the performance evaluation program.
(iv) Armed responders shall be available to respond from
designated areas inside the protected area at all times and may not
be assigned any other duties or responsibilities that could
interfere with assigned armed response team duties and
responsibilities.
(v) Licensees shall develop, implement, and maintain a written
protective strategy to be documented in procedures that describe in
detail the physical protection measures, security systems and
deployment of the armed response team relative to site specific
conditions, to include but not be limited to, facility layout, and
the location of target set equipment and elements. The protective
strategy should support the general goals, operational concepts, and
performance objectives identified in the licensee's safeguards
contingency plan. The protective strategy shall:
(1) Be designed to meet the performance objectives of Sec.
73.55(a) through (k).
(2) Identify predetermined actions, areas of responsibility and
timelines for the deployment of armed personnel.
(3) Contain measures that limit the exposure of security
personnel to possible attack, including incorporation of bullet
resisting protected positions.
(4) Contain a description of the physical security systems and
measures that provide defense in depth such as physical barriers,
alarm systems, locks, area access, armaments, surveillance, and
communications systems.
(5) Describe the specific structure and responsibilities of the
armed response organization to include:
The authorized minimum number of armed responders, available at
all times inside the protected area.
The authorized minimum number of armed security officers,
available onsite at all times.
The total number of armed responders and armed security officers
documented in the approved security plans as a component of the
protective strategy.
(6) Provide a command and control structure, to include response
by off-site law enforcement agencies, which ensures that decisions
and actions are coordinated and communicated in a timely manner to
facilitate response.
d. Law Enforcement Assistance. Provide a listing of available
law enforcement agencies and a general description of their response
capabilities and their criteria for response and a discussion of
working agreements or arrangements for communicating with these
agencies.
e. Policy Constraints and Assumptions. The safeguards
contingency plan shall contain a discussion of State laws, local
ordinances, and company policies and practices that govern licensee
response to incidents and must include, but is not limited to, the
following.
(i) Use of deadly force.
(ii) Recall of off-duty employees.
(iii) Site jurisdictional boundaries.
(iv) Use of enhanced weapons, if applicable.
f. Administrative and Logistical Considerations. Descriptions of
licensee practices which influence how the security organization
responds to a safeguards contingency event to include, but not
limited to, a description of the procedures that will be used for
ensuring that equipment needed to facilitate response will be
readily accessible, in good working order, and in sufficient supply.
4. Responsibility Matrix. This category of information consists
of the detailed identification of responsibilities and specific
actions to be taken by licensee organizations and/or personnel in
response to safeguards contingency events.
a. Licensees shall develop site procedures that consist of
matrixes detailing the organization and/or personnel responsible for
decisions and actions associated with specific responses to
safeguards contingency events. The responsibility matrix and
procedures shall be referenced in the licensee's safeguards
contingency plan.
b. Responsibility matrix procedures shall be based on the events
outlined in the licensee's Generic Planning Base and must include
the following information:
(i) The definition of the specific objective to be accomplished
relative to each identified safeguards contingency event. The
objective may be to obtain a level of awareness about the nature and
severity of the safeguards contingency to prepare for further
responses, to establish a level of response preparedness, or to
successfully nullify or reduce any adverse safeguards consequences
arising from the contingency.
(ii) A tabulation for each identified initiating event and each
response entity which depicts the assignment of responsibilities for
decisions and actions to be taken in response to the initiating
event.
(iii) An overall description of response actions and
interrelationships specifically associated with each responsible
entity must be included.
c. Responsibilities shall be assigned in a manner that precludes
conflict of duties and responsibilities that would prevent the
execution of the safeguards contingency plan and emergency response
plans.
d. Licensees shall ensure that predetermined actions can be
completed under the postulated conditions.
[[Page 13993]]
5. Implementing Procedures.
(i) Licensees shall establish and maintain written implementing
procedures that provide specific guidance and operating details that
identify the actions to be taken and decisions to be made by each
member of the security organization who is assigned duties and
responsibilities required for the effective implementation of the
security plans and the site protective strategy.
(ii) Licensees shall ensure that implementing procedures
accurately reflect the information contained in the Responsibility
Matrix required by this appendix, the security plans, and other site
plans.
(iii) Implementing procedures need not be submitted to the
Commission for approval but are subject to inspection.
C. Records and Reviews
1. Licensees shall review the safeguards contingency plan in
accordance with the requirements of Sec. 73.55(n).
2. The safeguards contingency plan audit must include a review
of applicable elements of the Physical Security Plan, Training and
Qualification Plan, implementing procedures and practices, the site
protective strategy, and response agreements made by local, State,
and Federal law enforcement authorities.
3. Licensees shall retain all reports, records, or other
documentation required by this appendix in accordance with the
requirements of Sec. 73.55.
Dated at Rockville, Maryland, this 13th day of March 2009.
For the Nuclear Regulatory Commission.
Annette L. Vietti-Cook,
Secretary of the Commission.
[FR Doc. E9-6102 Filed 3-26-09; 8:45 am]
BILLING CODE 7590-01-P